The latest report released by Cyber Security Experts Association of Nigeria (CSEAN), has forecasted increase in cyber threats in 2023 in Nigeria, which is an election year.
CSEAN, an advocacy group on all matters relating to information security in Nigeria, said although the expected rise in cyber threats would cut across globe in 2023, it however said Nigeria became peculiar, owing to government's weak responses to cybersecurity issues, outdated government computing resources, upcoming 2023 general elections, the economic situation in the country, lack of transparency in reporting security breaches, increase in the emigration of cybersecurity professionals, and a lack of coordination among organisations within the same sector.
The report said cyber security experts, in 2022, saw a significant increase in the complexity and impact of cyber threats worldwide, including Nigeria, which formed the basis for CSEAN's collection and analysis of data from various sources, to present its forecast of cyber threats for 2023.
Analysing the report, one of the team members, Oluwafemi Osho, said the cyber threats were categorized under two sections: Election-related threats and Regular and emerging threats.
According to Osho, "I the area of 2023 elections and the deluge of cyber threats, it is expected that there will be a significant amount of misinformation and disinformation circulated through social media platforms in the run-up to, during, and after the 2023 general elections. We are very likely to experience the weaponizaon of manipulated information to influence people's perceptions and behaviours in relation to the elections. This can seriously affect the integrity of the electoral process and undermine public trust in democratic institutions. Disinformation, specifically related to the elections, is likely to increase, with political parties potentially hiring foreign actors to create and disseminate false or misleading information."
Osho therefore advised social media platforms and government agencies to take steps to address the spread of misinformation and disinformation, such as through fact-checking efforts and public education campaigns.
Another team member, John Odumesi, explained that in the past, Nigerian elections have been marred by instances of hate speech and threatening expressions by politicians. "This trend is highly likely to continue as the 2023 general elections draw closer. Hate speech language can incite violence and create a toxic political environment. Political actors need to refrain from using hate speech and promote a respectful and peaceful campaign. It is also the responsibility of the government and relevant authorities to take action against hate speech and ensure that the elections are conducted in a fair and peaceful manner," Odumesi said.
Other team members from CSEAN, Hamzat Lateef and Hassanat Abdulraheem, were of the view that the public has the right to accurate and reliable information to make informed decisions about their leaders. "Regrettably, we have seen reports of private information being made public to malign individuals or groups. There have also been instances where true information was shared out of context in an attempt to mislead the public. Over the next year, we will witness more of such occurrences in the lead-up to the elections. Such behaviours are unethical and can create a toxic political environment. Politicians have the responsibility not only to provide accurate and reliable information to the public but also to refrain from sharing private or true information out of context to mislead the public," they said.
In the area of regular and emerging threats, the report envisaged an increase in the exploitation of computing resources of government establishments for malicious use. The report further explained that more government-related data would be ex-filtrated.
"Based on the data gathered this year, we found threat actors ex-filtrating critical information and maliciously leveraging government computing resources, including mining cryptocurrency and setting up Internet Relay Chat (IRC) platforms. Findings also revealed activities related to credential the and backdoor setup. Threat actors leverage outdated and vulnerable internet-facing applications in most of these identified facilities. Government establishments need to be aware of these potential threats and take steps to secure their computing resources and protect them against data ex-filtration. This may involve regularly updating and patching internet-facing applications and systems to ensure they are not vulnerable to exploitation," the report said.
As one of the most common attacking tools preferred by cyber threat actors, malware will continue to be relied on by the actors in 2023. If they want to be secure from malware infection, individuals and organizations will do well to keep their operating systems and software up to date, adopt a strong password policy, ensure periodic backing up of data, and be cautious with clicking links, the report further said.
The report explained that small and medium-sized enterprises (SMEs) suffered increased password stealing, Internet and Remote Desktop Protocol (RDP) attacks in 2022, compared to 2021, and that the trend would likely to continue in 2023. The report therefore advised that SMEs must be aware of the cyber risks associated with their business and take necessary steps to protect their systems, since SMEs may be easier targets for cyber threat actors for several reasons.