New data released by the National Bureau of Statistics (NBS) on Monday confirmed what is already obvious, that the number of active internet users in Nigeria is growing at breakneck speed. Users are seizing every cheap phone opportunity to leapfrog the digital revolution, in which Nigeria already seems to be lagging behind.
In the fourth quarter (Q4) of 2018, active internet users grew by 13.6 per cent reaching 112.1 million compared to 98.7 million in the same period in 2017. On a quarter-on-quarter basis it rose marginally by 5.3 per cent from 106.5 million in Q3 2018. Mobile phone penetration at 93 per cent accounts for majority of the internet usage.
That amount of internet users is no mean feat especially when put in the context of being the combined population of at least African countries including South Africa (estimated 54million), Ghana (27 million), Rwanda (10 million), Tunisia (10 million), and Mauritius (1.2 million). It has also become a rallying point for authorities in Nigeria when marketing the country’s potentials to investors.
Nonetheless the inability to strengthen Nigeria’s cyber security framework has meant that millions of citizens who are embarking on the journey online are exposed to the increasing threats of cyber criminals. Lost in the digital euphoria, they hardly ask questions about data protection and privacy.
Nigeria leaped from 5th place in 2017 to third in 2018 in terms of top 10 countries by share of users attacked by mobile malware, according to researchers at Kaspersky Lab. The report showed that in 2018 there were 116.5 million cyber attacks, compared to 66.4 million in 2017, with a significant increase in unique users being affected.
Nigeria at third place accounted for 37.72 per cent of these attacks. Three other African countries joined Nigeria in the global top 10. For instance, Algeria finished in 5th place with 35.06 per cent, Tanzania came in 8th with 31.34 per cent and Kenya was 9th accounting for 29.71 per cent of the attacks.
The researchers said smartphones have become easy targets as their role in business processes and day to day life grow.
“In 2018, mobile device users faced what could have been the fiercest cybercriminal onslaught ever seen,” says Victor Chebyshev, security expert at Kaspersky Lab. “Over the course of the year, we observed both new mobile device infection techniques, such as DNS hijacking (http://bit.do/eKudD), such as along with an increased focus on enhanced distribution schemes, like SMS spam.”
Today’s cyber criminals are sophisticated and have found new ways to penetrate security measures all the time. As a result, a growing number of entities, from small companies to the federal government, are at risk of losing data, money and their reputation.
Enyioma Madubuike, founder of LegitNg, a legal firm, told BusinessDay that the Kaspersky report underscores the need to firm up data protection and security laws for Nigerian institutions responsible for consumers’ data.
Cybercrimes in various forms (Phishing, Botnet, E-bank theft, online credit card theft, etc) are punishable offences in many countries. To be sure, cybercrimes are criminal activities where activities where computers, network or electronic information technology devices are the source, tool, target or place of crime. They are carried out by way of illegal access into another’s data base, illegal interception, data interference, system interference, misuse of devices, forgery and electronic scams.
In China, as well as in many African countries, punishment for cybercrimes can fetch up to five years imprisonment.
Like most of these countries, Nigeria also has a cybersecurity law. The Nigerian Cybercrime Act 2015 is the first federal law created specifically to deal with the criminal threats and issues facing the digital age. Its objective is to provide an effective, unified and comprehensive legal, regulatory and institutional framework for the prohibition, prevention, detection, prosecution and punishment of cybercrimes in Nigeria.
Despite the law’s existence, criminals have carried on business as usual and – as the Kaspersky report clearly shows – have become emboldened. The cybersecurity law has hardly been enforced or sent any offender to prison.
“A serious cause for concern is that data protection regulation and awareness is not measuring up to uptake of new technologies,” Madubuike said.
Cybercrimes have negative implications for everyone which is why big tech companies like Google, Facebook, Amazon and Microsoft are committing enormous resources to fight back criminality some of which are perpetrated using their platforms.
Without a solid cyber security framework and management to provide protection, Nigeria’s growing internet users represent a windfall for cyber criminals. The release of the CBN Cyber Security Framework in 2018 to essentially drive security within banks and payment service providers (PSBs) was a step in the right direction. However, like the Cybersecurity law, the CBN will need to take enforcement and education very serious.