Nigeria’s exposure to phishing attacks rises as cybercrime cost hits $6 trillion
•Microsoft calls for collaboration between govt, private sector
Microsoft has called for safer online community in Nigeria, stressing that cybercrime will cost the global economy $6 trillion by 2021. Microsoft said the call became necessary following increasing phishing attacks on the Nigerian community.
The firm said phishing, which is the biggest security headache for businesses and individuals, is among the hardest to tackle. The American technology company said phishing increased by over 250 per cent in Nigeria and other parts of the world.Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication. It is typically carried out by email spoofing or instant messaging. It often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site.
Speaking with Journalists yesterday, in Lagos, Country Manager for Nigeria & Ghana at Microsoft, Akin Banuso, disclosed that hackers are increasingly taking advantage of “low hanging fruit” prevalent in Nigeria and others to get around increasingly sophisticated security measures.
Banuso noted that with constant ongoing attacks rising to the surface across the continent, it’s evident that governments and industries have a long way to go with successfully mitigating risks when it comes to cybercrime.He disclosed that major attacks, especially ransomware are unleashed on Nigeria and sub-Saharan Africa from Eastern Europe. He stressed that some of criminals in those locality literarily set up office in remote areas for the purpose of hacking.
Already, analysts estimate that in Nigeria, ministries, departments and agencies continue to lose over N127 billion yearly to cybercrime – this amounts to 0.08 per cent of the country’s yearly Gross Domestic Product (GDP).“As organisations continue to digitally transform, so does their exposure to threats within cyberspace. Organisations need to leverage ever-improving capabilities with advanced technologies like Artificial Intelligence to efficiently combat cybercrime. We have a responsibility to educate businesses about these recent developments,” Banuso said.
He revealed that Microsoft’s recently published Security Intelligence Report, which delved into the cybersecurity events that took place over the past year, includes an overview of the threat landscape, lessons learned from the field and recommended best practices – this was also unpacked at the event.
According to Digital Advisor for Microsoft Middle East & Africa, Daniel Adeyemo, the report identified four key trends that have risen to the forefront in the fight against cyber threats. “From our ongoing research, we found that in the past year ransomware attacks as a vector declined, software supply chains have become a risk, cryptocurrency mining is prevalent, and phishing still remains the preferred attack method.
“While this may indicate progress in blocking ransomware attacks against organisations, it also draws our attention to new avenues now being identified for attacks. These new avenues are very easily ignored by organisations but are a recognisable ‘pathway’ for penetration.”
While security has always been a focus for Microsoft, Adeyemo said Microsoft recognised that the digital world requires a new approach on how to protect, detect and respond to security threats.
According to him, Microsoft’s approach to security, encompasses how the organisation aims to better protect all endpoints – from sensors and datacenters to identities and SaaS applications. It also aimed to faster detect threats using the scale and intelligence of the cloud, machine learning and behavioural monitoring.
“While there will always be new threats, attacks and technologies, organizations and companies can begin to take action today to address security concerns and improve their security postures. It is critical for companies to strengthen their core security hygiene (across areas like monitoring, antivirus, patch and operating systems), adopt modern platforms and comprehensive identity, security and management solutions, and to leverage features offered within cloud services. It is just as important to create education and awareness across employee populations in order to build and sustain a pervasive security culture,” Banuso stressed.