WITH escalating geopolitical and geo-economic tensions, Nigeria and other countries with weak cyber security profiles are threatened by a barrage of state-sponsored malicious cyber activities.
These could pose an enormous risk even when they occur at low-level intensity, experts have warned.
The Nigerian Communications Commission (NCC) has issued at least six cyber-attack warnings since the beginning of the year. The warnings came on the back of a rising incidence of cyber-attacks, both globally and locally.
From software supply chain compromises to alleged attempted theft of sensitive COVID-19 vaccine research to power-supply cutoffs, state-sponsored cyber incidents have compromised the security of critical infrastructure in countries around the world.
In response, governments and businesses around the world should be developing new cybersecurity strategies and initiatives.
These were made known at the ongoing Cybersecurity Virtual Reporting Tour scheduled for August 29 to September 16. Organised by Foreign Press Centres of the United States, the event is themed, “A Shared Responsibility: Prioritizing Public-Private Partnerships in Cybersecurity.”
It was revealed that in 2021, the United States set a record for the highest data breaches and other cyber incidents affecting companies, governments and individuals.
According to the latest data breach report by IBM and the Ponemon Institute, a research centre dedicated to privacy, data protection, and ethical research standards, the cost of data breaches in 2021 stood at $4.24 million, which was a 10 per cent increase from the average cost recorded in 2019.
In the first quarter of 2022 alone, the number of reported breach incidents increased by 14 per cent compared to the same period in 2021, the report said.
With reference made to Cybersecurity Ventures, it was disclosed that the global average cost of cybercrime peaked at $6 trillion in 2021, driven mostly by ransomware attacks. This could hit $10.5 trillion by 2025.
While speaking on the topic: ‘Overview of Cybersecurity and its impact’, National Cyber Director and Advisor to the President of the United States Joe Biden on cybersecurity, Chris Inglis, said there is a need to understand who is responsible for what in cyberspace.
“If we get the roles and responsibilities right in cyberspace, if we get the people skills right in cyberspace, if we get the technology right in cyberspace, we will have dealt with all three of the really important pieces of the noun of cyberspace. Cyberspace is technology and people and roles and responsibilities,” he said.
Inglis said cyber is important because of what it does for the people, stressing that cyber is more than technology that it’s people and doctrine, and requires that people deliver what is expected of it.
According to him, three things are essential; “one, we need to make sure that we make the investments required to make sure that it’s resilient and robust by design, in the same way to my earlier point we do that for cars and aeroplanes and therapeutics. We invest in those to make sure that we can have confidence in the functions that they perform before the events occur. We try to avoid bad experiences as opposed to simply responding to things that happen to us or around us.
“Also, we will – if we make the investments necessary – create a resilient system, a defensible system, but it will never be a perfectly secure system, meaning that these systems do not defend themselves. We must actively participate in their defence, and that defence needs to be a collective defence, one where each of us makes contributions to the defence of all of us. This must be an international effort where we have a social contract amongst nations that determine: how we collectively make the investments necessary to create resilience in this space; how we collectively make contributions to defend what then results in this space as a series of critical functions upon which our societies depend?
From her perspective, Principal Deputy National Cyber Director, Kemba Walden, said cyberspace activities are high, stressing that ransomware is an activity that requires an all-hands-on-deck approach.
Walden said all countries and communities need to be a part of the solution. Speaking on how it is related to cryptocurrency, she said ransomware is not necessarily new, adding that it wasn’t born out of the development of cryptocurrency or even blockchain technology in the olden days, stressing that people use prepaid cards to be able to execute ransom.
According to her, the costs of doing business as a ransomware actor are far too low, stressing that there is a need to raise the costs of doing the business and raise the entry of doing business as a ransomware actor such that it becomes less profitable and more difficult to do, which impact activities of criminals.