By Milcah Tanimu
Nigeria is experiencing an alarming number of cyber-attacks, with organisations facing an average of 3,759 incidents weekly, according to the 2024 African Perspectives on Cyber Security Report by Check Point Software Technologies. This figure far exceeds the global weekly average of 1,876.
The report highlights Nigeria’s increasing vulnerability as it accelerates its digital transformation across critical sectors, including finance, government, and education. Ransomware has emerged as the most significant cyber threat, targeting public and private entities by exploiting zero-day vulnerabilities. Other major threats include botnets, information stealers, and banking malware, which increasingly target financial data and network infrastructure.
Nigeria’s Financial Sector Hardest Hit
The financial sector bears the brunt, suffering an average of 4,718 weekly cyber-attacks—the highest among all sectors. Weak multi-factor authentication systems and outdated banking infrastructure make financial institutions particularly vulnerable. A case study in the report details a major phishing attack in March 2024 that compromised over 10,000 accounts at a leading Nigerian bank, resulting in a $3 million loss and significant reputational damage.
Government and Education Sectors Under Siege
Government institutions face an average of 1,791 cyber-attacks per week, with ransomware and botnets posing the greatest threat. Vulnerabilities like remote code execution have left the sector exposed, with attacks often aiming to disrupt national security and economic operations. The education sector is also under attack, with 1,682 weekly incidents, primarily from phishing and malware. A lack of cybersecurity training for staff and students worsens the sector’s vulnerabilities.
Increasing Threat Sophistication and the Need for Cybersecurity Reforms
The report underscores the growing sophistication of cyber threats, with Africa seeing a 90% year-over-year increase in ransomware attacks. Nigeria’s reliance on digital platforms has made it a prime target, with threat actors leveraging technologies like generative AI for more precise attacks. The report calls for urgent reforms, including advanced authentication protocols, stronger encryption, and ongoing cybersecurity training. Advanced AI-driven solutions are being deployed, but continued investment in cybersecurity infrastructure is essential to protect critical sectors from future threats.
