The face-off between Russia and Ukraine has not only resulted in a physical war, but has gradually turned into a cyber war and seemingly creating cybersecurity tensions for many countries, writes EHIME ALEX
Recently, the United States called on private companies and organisations to “lock their digital doors”, on the claim that Russia was planning a cyber-attack on the country, according to a report by the British Broadcasting Corporation. The United Kingdom’s cyber authorities are supporting the White House’s call for increased cyber security precautions, it added.
But Russia denied the accusations, which it tagged “Russophobic”, as no country had stated precisely or given any evidence of cyber attack. It claimed it was an intelligence suggestion.
Russia remains a cyber superpower with a serious arsenal of cyber tools, as well as hackers capable of disruptive and potentially destructive cyber attacks, BBC noted.
This is even as CNBC also reported, recently, that hordes of Ukrainian coders were splitting their time between their daily jobs and a cyber war with Russia.
“Over 311,000 people have joined a group called ‘IT Army of Ukraine’ on the social media platform, Telegram, where Russian targets are shared.”
Cyber security incidents are a matter of “when”, not “if”, said Gartner, a technological research and consulting firm. A report by the company shows that 10 per cent of breaches involved ransomware in 2021 and the number is expected to rise in 2022, urging all security and risk management leaders to be prepared.
Already, there is a projection by Cybersecurity Ventures that cybercrime will cost companies worldwide an estimated $10.5tn yearly by 2025, from $3tn in 2015, at a growth rate of 15 per cent year over year.
Increasing cyber threat
In its 2021 edition, the African Cyberthreat Assessment Report had identified online scams, digital extortion, business email compromise, ransomware and botnets as the five most prominent threats in Africa.
PricewaterhouseCoopers, a multinational professional services network of firms, in its 2022 Global Digital Trust Insights, stated that while 2021 was shaped up to be one of the worst on record for cybersecurity, the risks are increasing.
According to PwC, more than 50 per cent of the organisations it surveyed expect a surge in reportable incidents in 2022 above 2021 levels.
“The consequences for an attack rise as our systems’ inter-dependencies grow more and more complex. Critical infrastructure are especially vulnerable. Yet, many of the breaches we see are still preventable with sound cyber practices and strong controls,” PwC, considered as one of the Big Four accounting firms, stated.
Sound cyber practices
According to the Financial Crimes Enforcement Network report, the average amount of reported ransomware transactions per month in 2021 was $102.3m. The year witnessed unparalleled ransomware attacks with the rise of Ransomware-as-a-Service groups on the darkweb.
Following Russia’s invasion of Ukraine, FinCEN raised the alarm that a cybersecurity threat might emanate from the aggression, warning financial institutions to be vigilant against efforts to evade the expansive sanctions and other U.S.-imposed restrictions in connection with the invasion.
It urged financial institutions to refer to its previous reports and other relevant recent resources, noting Russian and other ransomware and cybercrime activities for a range of indicators to help detect, prevent, and report potential suspicious activity.
The Nigeria Cybersecurity Landscape in 2022 would be interesting for both sides of the divide – the threat actors and the “defenders”, Deloitte Nigeria envisaged in its Nigeria Cyber Security Outlook 2022, urging organisations to re-strategise to catch up and protect themselves.
According to the company, one of the specific events likely to be witnessed is that as partnerships among businesses increase in 2022 and beyond, third party risks will be one of the items on the front burner for many organisations in Nigeria when planning to manage cybersecurity.
According to Deloitte, 2022 is not a year to live in denial regarding the impact of cybersecurity on businesses or organisations, as no organisation is too small or too big to be attacked.
It added, “To properly manage the risks associated with third parties, organisations should consider business continuity, interface security and integrity, personnel security, and information security hygiene.”
Ahead Nigeria’s general elections
Digital activism has transformed cybersecurity in the last two decades, becoming more prominent now with social media being its primary weapon. This could be attributed to the fact that many have considered social media a relatively safer and quicker space to run campaigns and protests, as there is a large base of Internet users.
Deloitte stated, “In the last decade, Nigeria recorded several notable digital activisms via social media, such as the #BringBackOurGirls and the #EndSARS movement of 2020, which raged across the world with nearly 30 million tweets in 48 hours. It is noteworthy that even the popular nationwide movement of 2012, Occupy Nigeria, was greatly inspired by social media.”
In addition to social media activism, the firm warned that government and public institutions were likely to face cyber attacks from hacktivists, “mainly consisting of disgruntled Nigerian youths geared towards making loud statements against the current socio-economic issues they face, as in the case of the #EndSARS.”
As it happened in the U.S. elections in 2020, where a lot of fake news were published to discredit the two leading contenders, Deloitte envisaged a spike in the number of fake social media accounts that would be opened to propagate misinformation in Nigeria.
It added, “The Nigerian government would have to take case studies from the experiences of the U.S. and other countries. As we approach the 2023 elections, we can expect to see a new wave of various socio-political movements and hacktivism, and we expect public institutions to improve their cybersecurity posture in preparation for these.”
Investments need to continue to pour into cybersecurity, says PwC. It reported that 69 per cent of organisations predict a rise in cyber spending in 2022 compared to 55 per cent in 2021. Also, that more than a quarter or 26 per cent of the organisations surveyed predict cyber spending hikes of 10 per cent or more as against eight per cent last year.
At the seventh edition of the Dakar International Forum on peace and security in Africa, the Founder of Ciberobs, Franck Kie, said “the time has come for Africa to act” in terms of regulation, investment in infrastructure and human resources to address the challenges of cybersecurity.
According to Kie, in the last 20 or 30 years, Africa has had the opportunity to think about the future threat of cyber attacks, which could have resulted in many things that could have been avoided as of now.
He told CNBC Africa that the perfect time for Africa to take action in terms of regulation, in terms of investment in infrastructure and human capacity could be grabbed now to prepare ahead of the next 10 or 20 years and save the continent from any huge issue that might arise in future.
He said, “Today, the cyber space is occupied by many entities and organisations, even governments, and we must, right now, take some actions to avoid being in a catastrophic situation in the next few years.
“If Africa is determined to tackle the issue of cyber security, then it must invest massively in its youth population.”