Cyber security experts have advocated for a strong regulatory and enforcement frameworks in order to address low attribution and deterrent of cyber-attacks in the country. Kenneth Okereafor, cybersecurity and biometric expert, said, that poor cybersecurity attribution is one of the major reasons for the consistent rise of cybercrimes in Africa. Nigeria and Nigerians are daily victims of cyber-attacks with huge financial, reputational and legal consequences.
“Cybersecurity attribution involves the entire process of tracking, identifying, laying blames on, and possibly punishing the perpetrators of cyber-attack or other computer hacking exploits that have significant impact on the economy and our daily lives. “Crime strives faster in any society where checks are ineffective, poorly applied or non-existent. Cybersecurity consciousness is essential to prevent, detect and respond to cyber-attacks and other breaches in the cyberspace. Without deterrent measures, cybercriminals become emboldened to attack vulnerable targets,” he said.
He urged regulatory agencies to develop strategies for monitoring cybersecurity policy implementations and for responding to the dynamics of the cyberspace in Nigeria and around the continent. “Organizations in the public and private sectors should desist from withholding the reporting of cyber breaches for fear of reputational backlash or regulatory sanctions” he added. William Makatiani, managing director, Serianu,added that cyber- attacks in Nigeria and Africa will continue to be on the increase as long as cyber and electronic frauds are not attributed.
“Security is complicated because there is local aspect around securing systems; most of our fraudsters live here. There is no way somebody will come from the US and secure it, that is the hard work. We need somebody to understand how these people are doing it. Only locals can do it. “When it comes to preparation we are not ready because we don’t have enough skills. More so, we are not ready to fight cyber-crime, because we are not collaborating. If you are Bank A and I’m Bank B, if you get compromised you keep quiet if it insurance you go get compensated you will not tell Bank B and Bank B will get hit, it really empowering the hackers now they know they can get away with all these attacks.
“When it comes to attribution we are poor just 2 per cent, there is no single attack that has be successful attributed. If it comes to attribution of attacks happening in different countries in Africa it is not easy to attribute it to somebody, attribution is a challenge. “Deterrent requires law enforce and it is where we are really struggling. Law enforcement agents are not working together you find judiciary, national intelligence or Army working in variance that is the biggest cyber security problem,” he said.
Ike Nnamani, president, Demadiur Systems, said that the implication of this scenario allows the cyber criminals to get away with the crime if it is not reported to law enforcement agencies. “When it is not reported it will be difficult to put the right policies in-place to prevent future occurrences. When it is unsolved, it shows that the right regulatory and legal policies are not yet in-place to ensure that law enforcement agents can prosecute offenders and get them punished,” he added.