Nigerian companies record 2nd highest percentage of global cyberattacks

·
July 17, 2020
·
4 min read

It’s the year of the pandemic, and besides the ensuing economic effects, it appears companies around the globe are dealing with increased rates of cyberattacks. Unfortunately, African countries seem to be major targets.

As businesses embrace emerging technology solutions like Internet-of-Things (IoT), Artificial Intelligence, and cloud computing, their exposure to cyberattacks has increased.

In a recent survey (PDF), Sophos Group plc, a British security software and hardware company, revealed that 86% of Nigerian companies fell prey to cyberattacks within the past year. The second highest percentage recorded globally after India and much higher than in South Africa with 64%.

This survey made use of data from 65 Nigerian companies that host data on public cloud-based services like Azure, Oracle, AWS, Alibaba cloud, and others.

This means, about 56 out of 65 companies fell prey to various forms of cyberattacks such as malware, ransomware, and data leaks over the past year.

According to Sophos' report, Nigeria had the highest percentage of data leakages worldwide, and ranks in the top five for other forms of attacks: Ransomware, malware, cryptojacking.

Here is the percentage breakdown of cyberattacks on Nigerian companies according to Sophos' survey.

  • Data leaks: 57% reported exposed data
  • Malware - 5th: 47% reported malware attacks
  • Ransomware - 5th: 34% of companies hit with ransomware
  • Stolen account credentials - 2nd: 46% reported stolen credentials
  • Cryptojacking - 2nd: 26% reported cryptojacking

It is important to note that fewer companies were surveyed in Nigeria compared to several others on the list like South Africa (157) or India (227)

Surveyed countries sophos
Countries surveyed in Sophos' report; Source: Sophos

How were companies attacked?

The surveyed companies got hacked through varying methods. For Nigeria, the major loophole was through a misconfiguration in the company’s server. About 64% of companies were attacked through this means, while 36% was through stolen credentials.

Be the smartest in the room

Join 30,000 subscribers who receive Techpoint Digest, a fun week-daily 5-minute roundup of happenings in African and global tech, directly in your inbox, hours before everyone else.
Digest Subscription

Give it a try, you can unsubscribe anytime. Privacy Policy.

cyberattacks
How companies across the globe were attacked. Source: Sophos Whitepaper

While this is not good news, this trend is hardly surprising. Other research bodies also tell similar stories.

A 2019 report by Serianu revealed that Africa lost $3.5 billion to cyberattacks. In that report, Nigeria was the hardest hit with losses of $649 million, followed by Kenya with $210 million, and Tanzania with $99 million.

Global consulting firm, Deloitte, asserts cyberattacks in Nigeria were fewer in 2019, but losses were much higher. A trend the global audit firm expects to continue in 2020.

Why is this happening?

cyberattack cybercriminal
Photo by Bermix Studio on Unsplash

Knowbe4, a security training solutions provider, asserts that the growth of digital services in Africa’s largely unregulated environment has made the continent an easy target for cyberattacks.

In our earlier piece, we revealed that hackers now have access to data from some major Nigerian universities, and from our findings, none of them seemed to care. This is despite the existence of the Nigerian Data Protection Regulation (NDPR), that’s meant to make organisations handle data more responsibly.

Cybersecurity has been a pesky puzzle amongst Nigerian companies, and it has largely been treated with secrecy. Most of them hardly report data breaches, and companies rarely share information with each other when they happen.

Deloitte asserts that in 2020, Nigerian companies will begin to collaborate more to tackle issues of fraud and cyber threats, and so far, a few efforts have been made.

A few months ago, Voyance, a Nigerian data science startup launched Sigma, a somewhat collaborative platform that could help fintech companies blacklist cybercriminals and share the information.

Another Nigerian Startup, Karma.ng also operates a similar method to help tackle fintech fraud.

On training employees and serious regulatory backing

26683792493 9db306b205 b
Photo Credit: weiss_paarz_photos Flickr via Compfight cc

However, in our discussion with a founder of a defunct fintech startup, such initiatives will also need the efforts of regulators to yield the desired results.

Small companies, as well as large organisations, still experience cyberattacks, and solutions might not be arrived at in individual bubbles.

Sophos' report reveals that European countries were the least attacked globally, a scenario the firm attributed to the continent's General Data Protection Regulation (GDPR).

Interesting strides have been made with Nigeria's NDPR, but it appears more efforts towards implementation is needed to make Nigeria more resilient to cyberattacks.

Also, as companies find ways to ensure that they are NDPR compliant, Microsoft recommends that employees are given sufficient training to make them the first line of defence against cyberattacks.

Considering the effects of the pandemic, and the growing digital adoption, this should be taken seriously by both businesses and regulators alike.

Featured Image Credit: Visual Content Flickr via Compfight cc


Got a tip? Our journalists are ready to dig deeper. Please share your insights and information and help us uncover the stories that matter.

I help Nigerian fintech companies understand consumers, acquire and retain paying users | Telling stories at Moniepoint, Techpoint Africa.
I help Nigerian fintech companies understand consumers, acquire and retain paying users | Telling stories at Moniepoint, Techpoint Africa.
Subscribe To Techpoint Digest
Join thousands of subscribers to receive our fun week-daily 5-minute roundup of happenings in African and global tech, directly in your inbox, hours before everyone else.
This is A daily 5-minute roundup of happenings in African and global tech, sent directly to your email inbox, between 5 a.m. and 7 a.m (WAT) every week day! 
Digest Subscription

Give it a try, you can unsubscribe anytime. Privacy Policy.

I help Nigerian fintech companies understand consumers, acquire and retain paying users | Telling stories at Moniepoint, Techpoint Africa.

Other Stories

43b, Emina Cres, Allen, Ikeja.

 Techpremier Media Limited. All rights reserved
magnifier