Cybersecurity and Nigeria’s unpleasant record
Cybersecurity and Nigeria’s unpleasant record
By Kayode Adebiyi, News Agency of Nigeria (NAN)
The African Perspectives on Cyber Security Report 2025, released by Check Point Software Technologies, indicates that Nigeria records an average of 4,200 cyberattacks each week.
According to the report, the figure is higher than the continental average of 3,153 and 60 per cent above the global baseline of 1,963 attacks per organisation per week.
The report also linked Nigeria’s position to exposed identities, misconfigured systems, and the growing use of artificial intelligence by cybercriminals.
The global cybersecurity solutions provider said the report marked a critical step in addressing 2025’s most pressing cyber threats and trends.
The threats include the destructive nature of cyber wars, evolving tactics of ransomware actors, the rising tide of infostealers, increased targeting of edge devices, and vulnerabilities within cloud infrastructures.
Some of the critical sectors identified in the report as main targets for cybercriminals by exploiting exposed identities and misconfigured systems are finance, energy, telecoms, and government departments.
Cyberattacks have become a major concern for data security worldwide, and, according to the Global Threat Index, attacks on government agencies and organisations are on the rise in Nigeria.
According to the Cyber Security Experts Association of Nigeria, there could be a further rise in insider threats in the coming years, driven by the malicious use of Artificial Intelligence.
Experts say beyond data theft, attacks cause productivity loss, business interruption, and hinder investment, stating that the situation calls for a move from reactive to predictive security by embedding security into digital systems from the start.
They also said working together with law enforcement would be crucial in tackling and legally pursuing cybercrimes.
This is why the Cybersecurity Act 2024 (originally enacted in 2015) was established to create a comprehensive and unified legal, regulatory, and institutional framework for the prohibition, prevention, detection, prosecution, and punishment of cybercrimes.
The idea is also to ensure the protection of critical national information infrastructure and promote cybersecurity and the protection of computer systems and networks, electronic communications, data and computer programmes, intellectual property and privacy rights.
The act created the Cybercrime Advisory Council (CAC) comprising representatives of the Ministries, Departments and Agencies listed under its First Schedule.
The council is saddled with the responsibility for the formulation and provision of general policy guidelines for preventing and combating cybercrimes, and the promotion of cybersecurity in Nigeria.
As chairman of the council, the National Security Adviser, Malam Nuhu Ribadu, emphasised commitment to the implementation of the National Cybersecurity Policy and Strategy (NCPS), a document that provides a framework for the act.
Some stakeholders say the present administration is interested in securing Nigeria’s cyberspace, thereby developing a protection plan for Critical National Assets and Infrastructure (CNAI).
They cited the “Designation and Protection of Critical National Information Infrastructure (CNII) Order, 2024,” Executive Order signed by President Bola Tinubu, as the government’s commitment to tackling cyberattacks.
Nigeria is also one of the 114 national governments that have adopted cybersecurity strategies and 118 that have established national Computer Security Incident Response Teams (CSIRTs).
Cybersecurity experts say protecting CNII is a key component of overall national security and that a robust digital economy relies heavily on cybersecurity.
They warn that cyber attackers now target critical national infrastructure such as oil pipelines, communication installations, hospitals and military facilities etc, thus making cybersecurity assume an important national security dimension.
Read Also: Youth Scorecard Ranks Sen. Lawan Highest in Yobe 2027 Leadership…
The establishment of the Nigerian Computer Emergency Response Team (ngCERT) and the National Digital Forensic Laboratory has also been lauded as part of efforts to tackle cyberattacks.
However, experts say considering the cross-border nature of cybersecurity threats, there is a need for synergy and effective collaboration with the international community to tackle the ever-increasing challenge.
Mr Jude Olabori, a cybersecurity expert, said tapping Nigeria’s digital economic potential depended greatly on cybersecurity, which itself relied on collaboration and support.
“Section 41(2b) provides for conformity of the Nigerian cybercrime and cybersecurity laws and policies with regional as well as international standards.
“The objective is to support and be part of international cooperation in addressing the menace of cybercrime,” he said.
Others say the five pillars of the Strategic Agenda (2023-2027) of the Ministry of Communications, Innovation and Digital Economy will only achieve the aim of boosting Nigeria’s economic growth if they are founded on adequate cybersecurity.
Mr Charles Oluma, a cybersecurity expert, provided further insights.
“The five pillars Dr Bosun Tijani, Minister of Communications, Innovation and Digital Economy, is building the digital economy on are Knowledge; Policy; Infrastructure; Innovation, Entrepreneurship and Capital; and Trade.
“He has said he wants the ministry to emerge as a reputable public sector ecosystem that would enable Nigeria’s economic growth through enhanced productivity, facilitated by technological innovation.
“I can tell you that none of those pillars stands a chance in the absence of a strong and ever-evolving national cybersecurity,” he said.
In November, Surfshark, an Amsterdam-based cybersecurity firm, reported that Nigeria ranked the 16th most breached country in Q3 2025, with 408,900 leaked accounts.
Sarunas Sereika, Senior Product Manager at Surfshark, said the increase in AI tools meant that even minor data breaches could be leveraged at scale.
“Previously, exploiting leaked data required significant technical skill, but AI has lowered the barrier to entry.
“AI now allows malicious actors to rapidly analyse and weaponise even seemingly insignificant data, transforming leaked names, addresses, and preferences into highly personalised attacks,” he said.
According to Cybersecurity Ventures, digital economic growth was projected to hit an annual 10.5 trillion dollar this year, which also means an increase in the cost of cybercrime.
While some stakeholders suggest that rising cybersecurity attacks indicate high cyberactivity, Nigeria cannot afford to gain a reputation as a country with widespread poor cybersecurity.
The vision of the NCPS is “A safe, secure, vibrant, resilient and trusted community that provides opportunities for its citizenry, safeguards national assets and interests, promotes peaceful interactions and proactive engagement in cyberspace for national prosperity.”
Key findings of the African Perspectives on Cyber Security Report show that attackers use AI for sophisticated phishing/identity theft, ransomware, and exploiting cloud vulnerabilities.
They also demonstrate that they are outpacing security frameworks as digitalisation expands.
The report concluded that there is a need for a shift to preventive, collaborative security, focusing on strong legal frameworks and securing trust in digital transformation.
It is experts’ view that with a strong political will and strict implementation of the Cybersecurity Act 2024, Nigeria’s cybercrime challenge can be optimally addressed. (NANFeatures)
