- Cyber threats remains one of the daunting tasks financial institutions and financial technology companies in Nigeria grapple with
- In 2021, it was estimated that Nigerian banks lost about N3.5 billion to cyber attacks between Juky and September
- The Nigerian Inter-Bank Settlement Systems (NIBSS) estimates that the attacks represent about 534 per cent in comparison to the year before
In 2021, Nigerian banks lost about N3.5 billion between July and September to fraud-related cases which represents about a 534 per cent increase from the same period in 2020.
A BusinessDay report states that Nigeria’s Inter-Bank Settlement System (NIBBS) said in its Industry Fraud report discovered that the highest number of fraudulent cases, about 35.5 per cent, were done on the web channel, transactions that were carried out via a web browser, while transactions carried out via mobile phones were responsible for a loss of about N410 million at 11.7 per cent of the entire loss value.
NIBSS stated that the movement from the beginning of 2020 has been that the web and mobile channels are likely mediums for high fraudulent gains.
Banks lose billions to cybercriminals
The financial agency advocated the need for constant and proactive steps around these channels commonly used by cybercriminals.
PAY ATTENTION: Subscribe to Digital Talk newsletter to receive must-know business stories and succeed BIG!
Financial services investors are worried, especially as the Central Bank of Nigeria kickstarted its efforts in 2014 to drive cashless transactions, electronic banking fraud has been on the increase.
Speaking on the need for companies and financial institutions to tighten their security, the Head of Security Operations Centre at the Central Bank of Nigeria (CBN), Ifeanyi Jude Muonagor said that banks' use of cyber deception technology has yielded great results.
Muonagor spoke virtually at an event in Lagos on the Topic ‘Importance of deception technology and identity security and said that about 80 per cent of the system breaches have been traced to compromised credentials.
Experts recommend ways to fend off attacks
The programme which was organised by InfoData Professional Services in partnership with Attivo Networks and seeks ways banks and financial institutions can protect themselves from cyber-attacks.
According to the CBN staff, Cyber-attacks are so easy to carry out, which makes it difficult to deal with all the various incidents coming via security protection mechanisms that have not been fool-proof, saying that “but with deception solutions, it aids the security professional to gain the knowledge of what the attacker was coming to do.’
He Muonago said:
“In 2017, we (CBN) identified the need for cyber deception technology and we moved with a particular solution. I will not mention names because I am not campaigning for any particular vendor. But we found out that there were fewer activities because of the deployment model.”
According to a Cyber Security Expert and Lead System Engineer at Attivo Networks, Osama Al-Shatnawi, cyber-attacks do more damage than conventional warfare. “Everything can be done literally. A single bank lost $70 million dollars through a cyber-attack. I can tell you about electricity companies. Just look at what happened to Ukraine. Power cuts for the whole nation because of the cyber-attack. Any damage can happen due to cyber-attacks and that is why we need to take security seriously.”
Al-Shatnawi said that based on different market analyses that have been done by different entities using Attivo with other solutions in place, their detection and protection capability has been enhanced by 42 per cent.
Wayne Forsman, the Territory Manager at Attivo Networks, explained why cyber security breaches were on the increase. “Conventionally, we set up a wall around our network, web security, email, next-generation firewalls. But effectively, by not protecting Active Directory (a Microsoft tool used to access networks and other applications), you’ve left the door open.”
He said 80 per cent of current attacks are through Active Directory, the reason why it must be protected. “In order to secure something, you really need to know about it. First, we have an Active Directory assessor which gives you full visibility into Active Directory. It will give you all the vulnerability and mitigation steps to effectively make Active Directory more secure. However, you also need to protect your information, the various profiles created for a user to have rights to a system – passwords, username. You need to protect that information. As for the current gaps, no solution is protecting the information on the Active Directory, which is the gap Attivo has closed.”
According to the President of Infodata Professional Services Global, Chuks Ulu Udensi; “Our commitment to delivering security solutions that are intuitive, intelligent and relevant to the realities of today’s business-critical infrastructure is further bolstered by our partnership with Attivo Networks”.
Michael Nnamdi, a systems security expert with Polaris bank said he gained so much about identity protection and Active Directory security. “I will say that the idea by Attivo is really an interesting one. The idea of trying to protect these credentials, knowing that it is actually the gate to the kingdom,” he said.
A participant, Kingsley Ozokwo from the information security department at Stanbic IBTC, said learning about how better to secure the Active Directory, is a very valuable experience. “Active Directory is a major asset for any organization. The fact that there is a lot that can go wrong in that space is the reason we are here. I enjoyed the fact that this is moving us away from the traditional block and restrict, which is virtually what security is all about, to learn from the attackers themselves,” he said.
Five easy steps to check fake Bank alerts as NIBSS reveals Nigerians lost N5bn to fraud In 9 months
Recall that Legit.ng reported that in recent years, there has been a huge spike in the number of fraudulent cases, and this has become a source of concern for the Central Bank of Nigeria.
In an industry fraud report by the Nigeria Inter-Bank Settlement System Plc (NIBSS) it was detailed that in a nine month period, fraudsters attempted attacks 46,126 times, and they were successful on 41,979 occasions.
This represents a 91% successful rate, amounting to a N5.2 billion lost to bank customers.