Daybreak, Politics, Entertainment, Sport

Tag: Cybersecurity

  • Nigeria Halts Cybersecurity Tax Following Public Backlash

    Nigeria Halts Cybersecurity Tax Following Public Backlash

    By Milcah Tanimu

    The Nigerian government has decided to halt its proposed 0.5% levy on domestic electronic transactions, intended to fund national cybersecurity improvements, after facing significant public backlash. This decision comes amidst an ongoing economic crisis that has seen rising inflation and living costs.

    On May 6, the Central Bank of Nigeria had directed financial institutions to start collecting the levy within two weeks. However, due to widespread criticism, President Bola Tinubu announced over the weekend that he would block the tax, and on May 14, a senior cabinet member officially suspended its implementation.

    “The cybersecurity tax policy implementation has been directed by the government to be put on hold, so it has been suspended,” Information Minister Mohammed Idris said, according to Reuters.

    Nigeria, one of Africa’s largest economies, is grappling with severe economic challenges, including over 30% annual inflation, declining international investments, and escalating living expenses. These conditions have left many Nigerians struggling, and the proposed tax would have further strained their finances.

    Wale Ajayi, partner and head of Tax, Regulatory & People Services at KPMG Nigeria, emphasized the need to consider the current economic conditions before implementing such a levy. “The key objective of the cybercrime levy is to ensure there is dedicated and adequate funding to address the growing threats of cyber-attacks,” he stated. However, he noted that the current economic climate does not justify its implementation now.

    Rising Cybersecurity Concerns

    The suspension of the levy raises concerns about Nigeria’s cybersecurity future. The country aims to boost its cybersecurity workforce through initiatives like the Virtual Cyber Hub and the Cybersafe Foundation. Historically, Nigeria has been a hub for cybercrime, particularly social engineering scams.

    The economic downturn could exacerbate cyber risks for citizens and businesses. According to Deloitte’s Nigeria Cybersecurity Outlook 2024, insider-supported attacks may increase due to financial desperation, leading to more cyber-related financial crimes. This situation poses significant risks to enterprises, increasing the likelihood of data breaches and other malicious activities.

    The Cyber Security Experts Association of Nigeria (CSEAN) reported a surge in ransomware attacks in 2023, which are expected to continue in 2024. Additionally, many government assets remain vulnerable to exploits, a situation that could worsen without adequate funding.

    Historical Context and Future Steps

    The cybersecurity levy was initially proposed in legislation passed in 2015 to strengthen Nigeria’s national cybersecurity capabilities. In May 2023, the Central Bank of Nigeria issued a circular instructing banks to collect the 0.5% fee from electronic payments and transfers. The levy was projected to generate about 3 trillion naira (approximately USD 1.9 billion) annually, but the government did not provide a cost justification for the tax.

    Ajayi from KPMG stressed the need for transparency and accountability before implementing such a tax, warning that it might drive citizens to use cash or checks instead. He advocated for combining revenue-raising initiatives with responsible spending and suggested phasing in tax reforms gradually to minimize economic shocks.

    “Combining revenue-raising initiatives with responsible spending practices is essential for fiscal sustainability,” Ajayi said. “It is also important that government consider phasing in tax reforms on a gradual basis to minimize potential shocks to the economy.”

  • Why You Should Exercise Caution When Trusting a ‘.US’ Website

    Why You Should Exercise Caution When Trusting a ‘.US’ Website

    By   Milcah   Tanimu

    In the realm of cybersecurity, it’s crucial to safeguard your privacy, especially on shared Mac computers. CyberGuy is here to demonstrate how you can employ a “Guest User” to bolster your online security.

    Have you ever thought of websites as online real estate, each with its unique digital address? Just like houses in a neighborhood, these addresses signify a sense of place and identity on the internet.

    Most internet users are acquainted with domains like “.com,” “.org,” and “.net” – they are akin to the bustling main streets in our global digital city. However, if you venture into the quieter alleys, you’ll come across domains like “.uk” for the UK, “.ca” for Canada, and ‘.au’ for Australia. Each of these represents a country’s distinct digital territory.

    In the United States, we have “.US” – the digital address that should symbolize the nation’s online presence. Despite its patriotic connotations, recent research suggests that it might not be the safest corner in the virtual world we call the internet.

    Surprisingly, many “.US” domains are registered by foreign entities lacking a legitimate connection to the U.S., using them to deceive and harm unsuspecting internet users.

    So, what should represent the United States and its citizens online is, in fact, being exploited by cybercriminals for launching phishing, malware, and spam campaigns.

    Unpacking the Domain Basics
    Before delving into the matter at hand, let’s start with the fundamentals. Every website has a domain name, essentially its online address.

    While “.com” is universally recognized, country-specific domains like “.US” are meant to signify a website’s association with a specific country. This association typically implies authenticity and trustworthiness, or so one would assume.

    Why the Suspicion Surrounding ‘.US’
    In a surprising turn of events, the “.US” domain, which you’d expect to be one of the safest corners of the internet, has become a hotspot for malicious actors.

    The statistics are alarming. Out of six million phishing reports, 30,000 are directly linked to the ‘.US’ domain. The irony is that this domain is theoretically under the watchful eye of U.S. government regulations.

    Imagine establishing an exclusive club with a strict guest list, only to leave the back door slightly ajar. That’s essentially what the “.US” domain has become.

    Officially, it’s intended for U.S. citizens, entities, or those genuinely connected to the country. However, a closer look reveals that not everyone is rigorously verifying these credentials.

    How Scammers Exploit the ‘.US’ Domain Extension
    Whether through registration oversights or insufficient periodic verifications, these loopholes are a goldmine for scammers. They infiltrate, set up dubious operations, and start using a “.US” domain as if they were U.S. citizens or entities.

    Comparing ‘.US’ to Other Countries in Terms of Security
    When you juxtapose the ‘.US’ domain with its global counterparts, the contrast is striking. Take Germany’s “.de” domain, for instance; it records significantly fewer instances of phishing.

    Meanwhile, countries like Hungary, New Zealand, and Finland have tightened their grip on their respective country domains, implementing stricter controls. This commitment to safety has paved the way for a more secure online environment, leaving the “.US” domain somewhat in the shadows in terms of security.

    Guardians of the ‘.US’ Domain: Are They Doing Enough?
    GoDaddy holds the official registrar role for the “.US” domain, courtesy of a contract with the National Telecommunications and Information Administration (NTIA). However, this doesn’t mean GoDaddy is responsible for all “.US” domains used for phishing or other malicious purposes.

    Some experts have criticized GoDaddy’s management of the “.US” domain, claiming they aren’t doing enough to verify customer identity and location or enforce terms of service against phishing, malware, and other abuses.

    GoDaddy maintains that they take abuse reports seriously and have tools and procedures to combat such attacks. They also assert compliance with the “.US” nexus requirements, which restrict registrations to parties with a connection to the United States.

    We reached out to GoDaddy for a response but received no reply before our deadline.

    Staying Safe in the Digital Neighborhood
    While the “.US” domain may have its dark corners, street smarts can help you navigate the online world safely. Here are some steps to ensure you don’t end up on the wrong side of the digital tracks:

    1. Verify before Clicking: Before clicking on any link or visiting a website, especially from unsolicited emails or messages, scrutinize the URL. If it seems suspicious or contains strange characters or misspellings, steer clear.

    2. Check SSL Certificates: Trustworthy websites have secure connections indicated by a padlock symbol in the address bar or URLs starting with “https://.” Avoid sharing personal information if you don’t see the “s.”

    3. Regular Updates: Keep your computer, smartphone, and software up-to-date, as many updates focus on security and patching vulnerabilities that hackers might exploit.

    4. Employ Antivirus Protection: Install reliable antivirus software on all your devices to detect malware, warn against clicking malicious links in phishing emails, and protect against hacking.

    5. Use Identity Theft Protection: Consider identity theft protection services to monitor your personal information and receive alerts if it’s being misused on the dark web.

    6. Strengthen Passwords and Use 2-Factor Authentication: Avoid using the same password across multiple platforms, employ a password manager, and enable two-factor authentication for added security.

    By following these guidelines, you can enhance your online safety and avoid falling victim to cyber threats.

  • ECOWAS combats cybercrime, trains law enforcement personnel on cybersecurity in Cabo Verde

    ECOWAS combats cybercrime, trains law enforcement personnel on cybersecurity in Cabo Verde

    By Joyce Remi-Babayeju

    In a bid to combat cybercrime and sustain cybersecurity in the sub region, the ECOWAS Commission organized a One Week capacity strengthening training programme for law enforcement personnels from Cabo Verde, The Gambia, Ghana, Liberia, Nigeria and Sierra Leone.
    The training Workshop tagged E- Evidence and Training the Trainers First Responders on Cyber security held in Praise, Cabo Verde from 25- 29 July, 2022.

    The Workshop was organized on the platform of the West African Response on Cyber security fight against Cybercrime OCWAR- C, project in collaboration with the Council of Europe and Interpol.

    The OCWAR-C project funded by the European Union is aimed at improving resilience and robustness of information infrastructure in Member States; increase capacities of relevant stakeholders of Member States in charge of the fight against cybercrime.

    Principal Program Officer Internet, Cybersecurity, and E-applications at the ECOWAS Commission, Ms Folake Olagunju who represented Mr. Sediko Douka, Commissioner for Infrastructure, Energy and Digitalisation,at the opening of the Workshop emphasized the importance of having a coordinated and collaborative approach towards securing ECOWAS cyber space.
    Olagunju urged participants to share their national perspectives and experiences as an opportunity to build bridges and lay the foundation for cooperation with regards to future partnerships.

    She noted that the training be interactive, as she emphazied the need to build human capacities in a harmonized manner across the region.

    Also the European Union deputy head of delegation to Cabo Verde, Mr Ignacio Sobrino Castello re- emphasized that the objectives of the OCWAR-C project is to support the strengthening of the cyberspace of the beneficiary countries and build capacities in the fight against Cybercrime.

    Castello disclosed that in Cabo Verde the EU has contributed in the development of cybersecurity, combatting cybercrime and Digital Economy in general.

    Futhermore he stressed the need for enhanced cooperation between ECOWAS Member States and the ECOWAS commission and international partners.

    The Secretary of State for Digital Economy of Cabo Verde, Mr Joel Almeida, Advisor to the secretary welcomed all participants to Cabo Verde and reaffirmed Cabo Verde’s commitment to playing its part in the region’s cyber ecosystem.

    He indicated that the Cabo Verde’s national cybersecurity strategy contains concrete implementation actions that are in line with the ECOWAS Regional Cyber strategy adopted in 2021.
    He also stated that the national cybersecurity centre and CSIRT-CV are underway.

    He commended the organisation of the forthcoming first ECOWAS Regional Hackerlab Challenge scheduled to hold from 10 – 12 October 2022 as a great opportunity to bring the community together to spark interest in the ongoing challenges of keeping the region cybersecure and as a means of finding young talent who are ready to be next generation of skilful cybersecurity workforce.

  • UNICCON Group Launches Cybersecurity Service Worth 45 Million Dollars

    UNICCON Group Launches Cybersecurity Service Worth 45 Million Dollars

    Uniccon Group, a foremost cloud infrastructure and cybersecurity services company in Abuja has offered corporate organizations and government institutions free cybersecurity services ;LOSSLESS SECURITY worth 40M dollars in value. This includes protection, fraud detection, back-up, porosity alert, restoration of resources and productivity lost to downtime, efficient user experience on web and App, and consistent patching. The offer lasts up until May 31, 2022.

    Chuks Ekwueme, CEO made the offer during a National Press Conference held at the NUJ FCT Secretariat. In attendance were the representatives of the Minister of Science, Technology and Innovation Dr. Ogbonnaya Onu and Galaxy Backbone’s CEO; Prof. Mohammed Abubakar and various organizations. They endorsed the service and offered collaborations, called on other stakeholders to patronize the service and not look to the west for solutions.

    LOSSLESS SECURITY is comparable to top cybersecurity solutions used by Corporate Organizations and Security agencies worldwide. It is part of the Company’s corporate social responsibility to stave off the emerging terror of cyber-attacks, prevalent in recent times.

    Uniccon Group demonstrates competence in the provision of AI and Robotics, cloud infrastructure, cybersecurity to organizations across continents. It has participated in Bug Crowd and Security Bounties; a platform where it submits to global ethical hacking to ascertain their level of vulnerability. It partners global security and compliance organizations. As a Platform as a Service (PaaS) provider, it houses the most advanced cloud resources with nodes across US, Europe and Asia. A large clientele base of local and foreign organizations attests to an unmatched experience in the niched industry. Benchmarked as grade A in security and cloud resources after rigorous testing.

    Uniccon Group calls on corporate bodies, government institutions and agencies who are vulnerable to cyber attacks to reach via www.uniccongroup.com for the service. A platform launched at https://lossless.uniccongroup.com is for the community to submit bugs, vulnerabilities and find solutions to this cyber plague.