MBACHU GODWIN NNANNA and NAZEEF BAKURA take a look at the relentless scourge of cybercrime, the consequences on national life and ways individuals, government and private organisations can stave off attacks.
Activities of cybercriminals particularly hackers resulted in the loss of $80 billion in the struggle of combating the crime globally and about N127 billion was the estimated loss to cybercrime in Nigeria in 2015 according to Nigerian Communications Commission (NCC).
This tallies with the conclusions of a cybersecurity expert, the chief executive officer, cybersecurity business report, Steve Morgan who opined that Nigeria loses billions daily to cybercrime.
He averred that cyber security spending will exceed $1trillion from 2107 to 2020 and that damage costs will hit $6 trillion annually by 2021 as well as that the global ransomware damage costs will exceed $5 billion this year alone.
Lots of attacks are been carried out in a day, as internet services providers, social media platforms among others are busy protecting the rights and properties of their users.
Facebook revealed that every 24 hours it receives around 600,000 logins to the social networking website from impostors attempting to access users’ messages, photos and other personal information. It has also been estimated that almost 70% of all email traffic is spam. In the online world, it is Nigeria that is often seen as the biggest culprit. Also the 2015 Google Android Security Annual Report, stated that users were been protected against Potentially Harmful Apps (PHAs), malware, network-based and on-device threats, and unsafe websites by checking more than six billion apps per day, and scanning 400 million devices per day.
In its quarterly webpage publication “The Communicator,” the NCC suggested cybercrimes can be fought by the establishment of legal and regulatory framework and establishment of institutional framework for coordination and implementation.
The Communicator noted that “standards and regulations; capacity building, compliance and enforcement, emergency response and readiness, public enlightenment, international cooperation and Institutional framework must be ensured in other to secure the country’s cyberspace.
Microsoft highlighted some of the cybercrimes across the globe and cautioned computer and internet users that, “When it comes to the Internet, you are sure to acquire some malware, if you visit malicious websites without proper protection at the minimum, you need an antivirus and a firewall. You also need to stay and steer clear of different types of cybercriminals trying to make money at your cost.”
Identity theft and fraud is one of the most common types of cybercrime. The term ‘Identity Theft’ is used, when a person purports to be some other person, with a view to creating a fraud for financial gains. When this is done online on the Internet, it is called ‘Online Identity Theft.’ The most common source of stealing identity information of others, are data breaches affecting government or federal websites. It can be data breaches of private websites too, that contain important information such as – credit card information, address, email ID’s, etc.
This is one of the detestable malware-based attacks. Ransomware enters the computer network and encrypts the files using public-key encryption, and unlike other malware this encryption key remains on the hacker’s server. Attacked users are then asked to pay huge ransoms to receive this private key.
DDOS attacks are used to make an online service unavailable and bring it down, by bombarding or overwhelming it with traffic from multiple locations and sources. Large networks of infected computers, called Botnets are developed by planting malware on the victim computers. The idea is normally to draw attention to the DDOS attack, and allow the hacker to hack into a system. Extortion and blackmail could be the other motivations.
Botnets are networks of compromised computers, controlled by remote attackers in order to perform such illicit tasks as sending spam or attacking other computers. Computer Bots can also be used act like malware and carry out malicious tasks. Then can be used to assemble a network of computers and then compromise them.
Spam and Phishing
Spamming and phishing are two very common forms of cybercrimes. There is not much one can do to control them. Spam is basically unwanted emails and messages. They use Spam bots. Phishing is a method where cyber criminals offer a bait so that you take it and give out the information they want. The bait can be in form of a business proposal, announcement of a lottery to which one never subscribed, and anything that promises money for nothing or a small favour. There are online loans companies too that make claims that one can get insecure loans irrespective of your location. Doing business with such claims, you are sure to suffer both financially and mentally
Social engineering is a method where the cyber criminals make a direct contact with a target using emails or phones – mostly the latter. They try to gain the target’s confidence and once they succeed at it, they get the information they need. This information can be about the target’s money, company where he works or anything that can be of interest to the cyber criminals.
PUPs, commonly known as Potentially Unwanted Programmes are less harmful but more annoying malware. It installs unwanted software in your system including search agents and toolbars. They include spyware, adware, as well as diallers. Bitcoin miner was one of the most commonly noticed PUPs in 2013.
If you visit a website and it triggers a download of malicious code to your computer. These computers are then used to aggregate data and to manipulate other computers as well.
The websites may or may not know that they have been compromised. Mostly, the cyber criminals use vulnerable software such as Java and Adobe Flash and Microsoft Silverlight to inject malicious codes as soon as a browser visits the infected website. The user does not even know that there is a download in progress.
Remote Administration Tools
Remote Administration Tools are used to carry out illegal activities. It can be used to control the computer using shell commands, steal files/data, send location of the computer to a remote controlling device and more.
A vulnerability means some problem in the coding of a software that enables cyber criminals to gain control of the victim’s computer. There are ready to use tools (exploit kits) in the Internet market which people can buy and use it against you. These exploit kits are upgraded just like normal software. The only difference is these are illegal. They are available mostly in hacking forums as well as on the Darknet.
Scammers phone computer users randomly and offer to fix their computer for a fee. Every single day, scores of innocent people are trapped by scam artists into Online Tech Support Scams and forced to shell out hundreds of dollars for non-existent computer problems.
Drug Trafficking Deals
It is a global trade involving cultivation, manufacturing, distribution and sale of substances which are subject to drug prohibition law. Drug traffickers are increasingly taking advantage of the Internet to sell their illegal substances through encrypted e-mail and other Internet Technology.
Is essentially using the Internet to repeatedly harass another person. This harassment could be sexual or other motivations including anger. People leave a lot of information about themselves online. Such information can leave one vulnerable to cyber stalking.
This tells the computer to execute a set of instructions at a certain date and time or under certain specified conditions. The instructions may tell the computer to display gotcha (an authentication method) on the screen, or it may tell the entire system to start erasing itself. Logic bombs often work like viruses.
Users should always inculcate safe-browsing habits, maintain good system hygiene, avoid leaving digital footprints, securing one’s operating system with a fully updated and installed software and to install a good internet security software to protect the computer among others,
Experts believe that there is only one way to defend Nigeria from cyber threats, and that is through government and industry working together, sharing appropriate information as true partners.
Cybercrime, no doubt is one of the crimes that has impacted negatively to the nation’s economy as well as penetrated the vulnerable youth groups who see it as a trade.
Cybercrime in Nigeria is not a new phenomenon but appears to have grown with increased telephone penetration and internet-enabled smart phones. It is quite common among the youths especially students in most of the nation’s tertiary institutions.
Over the years the Nigerian government and especially the agency with the responsibility of fighting cybercrime, the Economic Financial Crime Commission, EFCC has not rested its oars in combating the crime.
There are concerns that the activities of cybercriminals in the country has brought a bad image to the country in international arena and affected the inflow of foreign direct investment as Nigeria is noted as a nation with high rate of cybercrime.
Nigeria is ranked third globally in cybercrimes behind the UK and the US. The NCC’s chief executive officer, Prof. Umar Danbatta, said that the number of internet users in Nigeria has hit to 91.6 million. Out of total of 121,835,936 million phone users going by the 2017 estimates of the Nigerian Communications Commission (NCC).
Some crime analysts observe that cybercrimes have in many ways affected the nation but the most impactful is the negative image that it gives to the country as a den of fraudsters. Foreigners who have been victims of cybercrimes have spread the message that Nigerians are dishonest people. This perception is really widespread to the extent that Nigerians are subjected to dehumanizing searches and treatments at international airports around the world.
Also, the activities of cyber criminals in Nigerian who use the Internet to effect advance fee fraud or obtain by trick is believed to have affected the inflow of foreign direct investment into Nigeria as some foreign investors are wary about investing in Nigeria.
Responding to our correspondent’s enquiry on the efforts of the EFCC in fighting cybercrime in the country, spokesman of the commission, Mr Wilson Uwajuren stated that the commission has well defined strategies in combating the crimes.
He noted that the commission is using all the resources available to it in fighting the scourge including preventive measures and law enforcement actions.
Uwajuren explained that in the area of prevention, the commission regularly embarks on enlightenment campaign to the most vulnerable institutions to educate the students on the ills of cybercrime. It also sets up anti-corruption and integrity clubs in schools to inculcate in the children the values of integrity and accountability.
He added that those who however violate the law on cybercrime are brought to justice as no one is above the law.
Speaking further on the synergy with international communities in the fight against cybercrime , the EFCC’s spokesman said “Cybercrimes frequently have international dimension especially when the victims are foreign nationals or organizations. The commission has over the years collaborated with a network of foreign partners in dealing with cybercrime cases. These include the FBI, Met Police, Western Australian Police etc”
On whether the anti-graft agency has secured any conviction or recovery he had this to say “Most of the convictions by the commission emanate from cases with cybercrime or advance fee fraud colouration. It is difficult to give you a figure but there are hundreds of such convictions. We have also made numerous recoveries. However such monies are frequently returned to the victim”
Asked if the cybercrime is on the increase or decrease in the country, Uwajuren averred “We have not done a survey to indicate whether it is on the rise or otherwise. But based on the volume of reported cases, I would say there has been a decrease.”
In an interview with our correspondent, Barrister Umar Iliyasu, noted that every federal high court were been opportune to prosecute cybercrime as provided by the constitution under section 521.
Barr. Iliyasu who is a staff of federal high court, Katsina state, stated that almost all the arrested cybercrime cases in Nigeria were drown from the banking sector as they have well equipment and expert that will at any time arrest possible threat to the banks.
He expressed his satisfaction towards the federal government’s efforts in combatting cybercrime in the county, urging the government to establish a strong independent body that will be saddled with the t
However, In its quarterly webpage publication “The Communicator”, the NCC suggested manoeuvres to fight cybercrimes; by establishment of legal and regulatory framework, establishment of Institutional framework for coordination and implementation.
It maintained that “standards and regulations; capacity building, Compliance and enforcement, emergency response and readiness, Public enlightenment, International cooperation and Institutional framework. must be ensured in other to secured cyberspace in the country.
The NCC and indeed many among the internet users and institutions will be relieved with the support of the National Cyber Security Alliance (NCSA) which is the nation’s leading non-profit, public-private partnership promoting cyber security and privacy education and awareness.
Our correspondent spoke with Barrister Umar Iliyasu, a staff of Federal High Court, Katsina State who disclosed that every federal high court is empowered to hear cybercrimes as provided by the constitution under section 521.
Iliyasu stated that almost all the arrested cybercriminal activities in Nigeria have to do with the banking sector.
He urging the government to establish a strong independent body that will be saddled with the task of fighting and protecting government, private and public institutions from cyber attacks.