Election: Global attack map contradicts Pantami’s 12.9m hacking claim
The 12.9 million cyberattack claim by Isa-Ali Pantami, minister for communication and digital economy, has raised questions, as the global cyber-attacks map shows there was no sign of such attacks in Nigeria.
Pantami, in a statement released by his spokesperson, Uwa Sulaiman, claimed that a total of 12,988,978 attacks were recorded, originating from both within and outside Nigeria, in the course of the presidential election on February 25.
According to the global cybersecurity map by Konbriefing Research, a cybersecurity firm, Nigeria did not make the list of countries affected by cyberattacks in February.
The 27 countries affected include USA, Germany, Switzerland, Belgium, India, Sweden, Italy, Russia, Canada, Australia, Ireland, UK, Ukraine, Australia, Singapore, South Africa, Spain, Algeria, Brazil, Colombia, Denmark, Greece, Israel, Mali, Morocco, Poland.
The figure released by the minister has however raised concern as Nigerians have questioned the possibility for such a number of attacks occurring within a short period, while cybersecurity experts who spoke to BusinessDay shared their views on it.
A Twitter user identified as Ike Ihiala on his official Twitter handle said, “In this age where digital information is accessible to all, Nigeria’s Minister of Communications and Digital Economy, @ProfIsaPantami, claims Nigeria witnessed over 6,997,277 cyber attacks on February 25, 2023”
“Verified global cyber attacks maps from February 1, 2023, to February 28, 2023, show there were no such attacks on Nigeria’s cyberspace nor any of its public agencies.”
A cybersecurity expert who asked not to be identified said if the global attack map has no records of such attacks, the government needs to do some more explaining.
“It’s hard to believe they are the only ones that know about such attacks. Typical, when such attacks happen, many other organisations will know about it. They may have to throw more light with evidence of such reported attacks,” he said.
Abasiofon Isang, a cybersecurity analyst, said a cyber threat map, also known as a cyber-attack map, is a real-time map of the computer security attacks that are going on at any given time and have valuable tools that give information on how to stay ahead of attacks including Imperver, Netscout, Talos, and SonicWall.
According to him, the information illustrated on the map is extracted from on-demand scans, web scans and e-mail detections of anti-malware user and other sources like Honeypots, IPS and firewalls set up to deter attackers from gaining access, but log attacks.
“With the definition of a cyber-threat map and how it functions, it is obvious to any critical thinker that almost every device hosted on the internet with a form of cyber-threat protection would have any cyber-attacks logged on the global threat map. Only a network not hosted on the internet can fully escape the sight of the global threat maps,” Isang said.
The analyst said it is impossible for a verified cybersecurity map to not record 12 million attacks in Nigeria’s cyber space.
“The question to be asked is, ‘Were the INEC servers hosted on an offline network?’ I would beg to differ; the claim is they experienced both internal and external threat. This would imply that they were hosted on the internet.”
Gbolabo Awelewa, CTO and country manager, Infoprive Group, said the global cyber-attack map may only show data for specific type of attacks, such as malware, phishing and exploits, while Pantami may be referring to all types of cyber-attacks like SSH login attempts, DDOS and Bruteforce attacks.
Read also: INEC’s budget for BVAS surpasses market cost by 30%
He said the number of reported attacks can vary depending on the type of attacks and how it is categorised.
“It is not possible to miss six million attacks in a day, let alone 12 million cyber attacks that occurred within the election period. But due to the fact that the global threat map picks mostly malware, phishing and exploits, it won’t pick these attacks highlighted by Pantami. Also, the threat map uses data from their intelligence like Fortinet threat map, Kaspersky threat map, checkpoint threat map. Except we are aware of the particular OEM used, we cannot confirm,” Awelewa said.
He said most of the data tools are internet-facing and some data sources do not reflect on the global data map. Citing the result viewing portal of the Independent National Electoral Commission as an example, he said if attacked at the moment, it will not reflect on the global data map due to points stated earlier.
“In order to adopt the introduced electronic system of voting, cybersecurity has to be heightened. Most global threat maps source their data from their internal tools and other affiliated tools (their partners).”