…While Anonymous Hacktivist is on the trail of Nigerians in the process of expressing solidarity for the mass protest, other hackers have taken advantage of this to penetrate and infiltrate the cyber and date architecture of organizations, therefore, organizations should look at a long-term approach to protecting their data infrastructures.
In October 2018, a cybersecurity expert Justin Payne disclosed his discovery of an exposed Amazon S3 bucket he believed belonged to Arik Air (or their payment processor) that contained sensitive information from more than 50,000 customers. Similarly, in November Marriott International, owners of Protea and Sheraton Hotels in Lagos, reported a breach of their premium guest database that compromised booking data of about 500 million guests. Names, addresses, account information, gender, dates of birth, and even arrival and departure times were copied and encrypted by the hackers.
Unfortunately, Nigerian institutions and organisations are still unprepared for the scale and emergence of security threats. 2017 Serianu’s Nigerian Cybersecurity Report shows that more than 55% of organisations surveyed do not regularly train their staff on cybersecurity which significantly increased in 2017 and the onslaught of ransomware WannaCry in 2017, affected more than 200,000 computers across 150 countries including Nigeria.
The lack of urgency in our approach to cybersecurity issues can be seen in the case of Arik Air that took about a month to get the airline to look into the breach and secure the information. While in another situation Equifax discovered 76 days after its data had been hacked and the Marriott SPG hack had been ongoing since 2014 unnoticed.
The reality of today is that cybersecurity should be an integral part of business strategy for the achievement of organisational goals and not just a luxury. In a recent survey, it was discovered that 64 percent of organisations with a staff strength of 10-1000 employees have suffered cyberattacks.
Additionally, research by Sidmach Technologies found that 43 percent of cyberattacks in Nigeria are targeted at small and medium enterprises (in a couple of tries where SMEs account for 96 percent of Nigerian businesses).
The impact of cyber attacks can be very damaging to businesses. The direct economic cost of such attacks could include; theft of corporate information, misuse of corporate identity, disruption to trading/commercial activities or even having to repair affected technological gadgets all resulting in financial loss.”
Considering the dynamism of the technology space, the nature of malware attacks has evolved over the years into sophisticated and nuanced socially engineered attacks. With artificial intelligence and other emerging unregulated tech terrains like cryptocurrency and blockchain, growing at an unprecedented rate, there’ll be more complex attacks to worry about. 2020, saw tech giant, Twitter experience such an attack that made top verified accounts lose hold of their accounts temporarily until the attack was curtailed.
Unfortunately in our environment, cybersecurity audits are rarely carried out. Also, despite existing legislation against cybercrimes, 96% of incidents went unreported in 2017. Thus, the real picture of the cyber vulnerability of our tech space is not known.
While Anonymous Hacktivist is on the trail of Nigerians in the process of expressing solidarity for the mass protest, other hackers have taken advantage of this to penetrate and infiltrate the cyber and date architecture of organizations, therefore, organizations should look at a long-term approach to protecting their data infrastructures. Conrad Clark Nigeria Limited has cybersecurity solutions that can help businesses protect and manage their data infrastructure effectively. With the technical inputs of internationally acclaimed cybersecurity experts as associates.
Send us a email on firstname.lastname@example.org or call all +234(0)8095550641 to access these golden opportunities.