Connect with us

TechINFLUENCERS

ESET Cybersecurity Warning Ahead 2019 Election: INEC Cannot Afford to be Hacked- Ake

Published

on

 

Cyber security was taken to an unprecedented level in 2017 with lots of twist with respect to security which centres not only on providing security software but on the practise of the user or the administrator as applicable. Lots of threat emerged with increase in variety of designs; the likes of wearable technology and IoT. These technologies depend majorly on internet/cloud to function effectively hence becomes playground for Data theft, virus infiltration even some companies still had to pay to regain access to their data-ransomware.

In Nigeria, the story is not different, particularly as the nation prepares for the 2019 general elections- cybersecurity is now more important to prevent sabotage of the system.

In this interview with TechEconomy.ng, the Country Manager, ESET, Nigeria & Ghana, Mr. Olufemi Ake, gives insight on how to prevalent cyber-attacks have become in this region and how to proactively contain them.

Olufemi Ake is an experienced business development and strategic business operations professional. With 12+ years great work experience gathered in the Real Estate, FMCG and Information Technology sectors in the United Kingdom, Nigeria and Ghana markets, Femi spearheads the building and strengthening of the ESET brand in the Nigeria and Ghana Markets by opening access to strong, trust-based relationships with private & public sectors and making leads available to businesses in the market.

Femi is persistently ensuring the team’s alignment with B2G, B2C and B2B channel strategy for optimal implementation across the sectors in the market; develop and implement the annual Joint Business Plan, Annual Budget and Bi-Yearly Market Strategy to ensure ESET leads and leverage all opportunities relevant to our portfolio and strategy from a market perspective.

He Specialties include stakeholder management (Negotiations and Relationship Building); business analysis and strategic planning, implementation and control. Excerpt:

What would you say was the major security breach in the region within the period under-review?

Most companies that experienced one breach or the other prefers to find solution quietly rather than making it public, however, there were lots of cases of ransomware, stolen identity, DDos attack and cybercrime.

Owing to the fact Nigeria exited recession in 2017 were there increase in subscription for security solutions by both private and public institutions?

The Cybersecurity awareness activity is at a record high in 2017 but still nothing compared to what is obtainable in developed countries. Just like the saying, you can’t give what you do not have, most institution does not see the need to train their IT administrators or staff on the need for safe cyberspace let alone investing into getting an IT security solution. ESET with the support of NITDA created some form of awareness on safe cyberspace sometimes last year which had great influence on most school faculties in getting premium IT security service for their facility

How would you access banks/financial institutions’ approach to IT security? Is there any improvement?

Cyber security is the most prevalent IT risk for banks. In 2017 we saw the range of financial organizations that cybercriminals have been trying to penetrate, expand significantly. Different cybercrime groups penetrated bank infrastructure, e-money systems, cryptocurrency exchanges, capital management funds, and even the internet banking systems. Their main goal was to withdraw very large sum of money. They had breakthrough in some banks outside this region, this kind of attack ranges from ransomware to attacks on banks running SWIFT operations and ATM hack. Even at that it is not easy to attack or breach their network but I would have expected more cybersecurity awareness campaign from the banks because end to end protection is essential for total safety of a network or a service. At the moment, only a few of the banks are actively involved in building their user’s consciousness on cybersecurity.

How much can you estimate to be the losses recorded during the last one year due to Companies inability to subscribe to IT security?

Just as mentioned earlier, most companies do not usually disclose their experience of cyberattacks, however, the loss is usually huge and increase with time most especially with the number of ransomware attacks experienced last year. Loss did not only come in monetary form but also in innovations, the risk of being exposed made some organisation not to perform and deliver optimally. Last year November, Our Senate President reported that Nigeria lost N127Bn to cybercrime. This is just the one that they could account for in the midst of tons of unreported incidents.

In 2018, what are the expectations from ESET point of view?

We expect more sophisticated threat and the existing ones to revamp this year. The revolution of ransomware, most especially the targeted ones, Infrastructural attack like the supply chain attack (attack on utility software of organisations).

 

What would you say was the major security breach in the region within the period under-review?

Most companies that experienced one breach or the other prefers to find solution quietly rather than making it public, however, there were lots of cases of ransomware, stolen identity, DDos attack and cybercrime.

Owing to the fact Nigeria exited recession in 2017 were there increase in subscription for security solutions by both private and public institutions?

The Cybersecurity awareness activity is at a record high in 2017 but still nothing compared to what is obtainable in developed countries. Just like the saying, you can’t give what you do not have, most institution does not see the need to train their IT administrators or staff on the need for safe cyberspace let alone investing into getting an IT security solution. ESET with the support of NITDA created some form of awareness on safe cyberspace sometimes last year which had great influence on most school faculties in getting premium IT security service for their facility

How would you access banks/financial institutions’ approach to IT security? Is there any improvement?

Cyber security is the most prevalent IT risk for banks. In 2017 we saw the range of financial organizations that cybercriminals have been trying to penetrate, expand significantly. Different cybercrime groups penetrated bank infrastructure, e-money systems, cryptocurrency exchanges, capital management funds, and even the internet banking systems. Their main goal was to withdraw very large sum of money. They had breakthrough in some banks outside this region, this kind of attack ranges from ransomware to attacks on banks running SWIFT operations and ATM hack. Even at that it is not easy to attack or breach their network but I would have expected more cybersecurity awareness campaign from the banks because end to end protection is essential for total safety of a network or a service. At the moment, only a few of the banks are actively involved in building their user’s consciousness on cybersecurity.

How much can you estimate to be the losses recorded during the last one year due to Companies inability to subscribe to IT security?

Just as mentioned earlier, most companies do not usually disclose their experience of cyberattacks, however, the loss is usually huge and increase with time most especially with the number of ransomware attacks experienced last year. Loss did not only come in monetary form but also in innovations, the risk of being exposed made some organisation not to perform and deliver optimally. Last year November, Our Senate President reported that Nigeria lost N127Bn to cybercrime. This is just the one that they could account for in the midst of tons of unreported incidents.

In 2018, what are the expectations from ESET point of view?

We expect more sophisticated threat and the existing ones to revamp this year. The revolution of ransomware, most especially the targeted ones, Infrastructural attack like the supply chain attack (attack on utility software of organisations).

This is a critical year for Nigeria as election approaches, what are your thoughts on how INEC should preserve its cyber territory?

We cannot afford to have INEC or other FG site hacked at this sensitive time of electoral campaigns. ‘Imagine the impact of a fake report on INEC site saying election has been postponed indefinitely would have on the general public’’.

As we now know, these same networks have also been used to undermine electoral campaigns by spewing falsehoods, and promoting fake news reports, not to mention widespread attacks on reputation aimed at public figures.

A number of these attacks use computer threats such as bots or other form of malware, which could be mitigated with adequate security management protocols in place. Otherwise, what might appear to be the indication of a trend may actually be the manifestation of a group of attackers.

There is urgent need for aggressive cybersecurity campaign and deployment of IT security solutions to all institutions not just INEC facilities with special trainings organised for the IT administrators and staff.

ESET in recent time embarked on series of such campaigns, like the one we had with NITDA and the Secure School Initiative where every academia will have the opportunity of getting free copy of our premium product as well as free IT Security training. INEC should seek the help of IT security expert in preparing a robust plan ahead of the election.

ESET launched a project with NITDA in 2017, how will this program pan out in 2018? What are the success stories too?

ESET’s partnership with National Information Technology Development Agency, NITDA is to provide standards and guidelines in the protection of Nigeria cyberspace and ensuring that all Federal Government MDAs’ IT infrastructures are secured.  We have lots of success stories with the likes of NIMC, NISLT and some states have also subscribed to the program.

ESET Secure School Initiative is part of the program that focus on the academia, we have been able to share over tens of thousands of copies of our premium IT security software free in major tertiary institutions and also provide IT security trainings remotely to over hundreds of students. We plan to continue as it will enable NITDA and Governments institutions IT administrators and staff to have access to periodic Cyber security trainings by ESET experts on emerging threats. This will create massive cybersecurity awareness in Nigeria.

This program is available for all interested institutions (academic and others as well as the ministries)

How would ESET access Nigeria’s position on protection of kids online? Is the country doing enough?

Nigeria is gradually coming up in ensuring the use of age ratings on some sites and activities online, however, we can still do far beyond what we current have.

NCC could ensure that all content and activities online come with age rating signature so as to enable effective online security management to control what kids access on the net. In like manner, parent should also ensure that kids are sensitized on healthy use of the internet.

The need for a safe internet for kids cannot be over emphasized, as twist to this, shall we say because kids are exposed to bad content or their additive vulnerability to the internet, we should stop them from accessing the internet knowing fully that the potentials embedded online is huge?

ESET in her proactive design of security solution launched a product that gives parent rest of mind on their kid’s safety online anywhere anytime and any day; with or without internet connection.

ESET Parental Control for android is an application that is available on Google Play Store for parents to download and install on their device and the children devices

ESET Parental Control for Android lets you help them navigate online, manage what apps and websites they use, and decide – together – what’s good for them.

It also lets you see where your children are and send messages directly to their device screens.

What should we expect from ESET this year (in Nigeria)

We will continue with our cybersecurity awareness campaign by providing free IT security trainings, guidelines and solutions to individuals and organisations

Globally, following an analysis of the progression of ransomware and ongoing attacks on critical infrastructure, mentioned earlier, it becomes clear that cyberattacks will continue to expand in scope and volume this year and years to come. However, we must not lose sight of the fact that these complex scenarios are just one aspect of cybercrime as a whole and not necessarily the most significant. Even though sophisticated cyberattacks might attract more attention, they only represent a small fraction of the cyber threats we analyse in our malware labs on a daily basis.

In ESET we will continue to provide proactive counter measures to all these threats and the emerging ones through trainings and development of solutions (software). Our clients have nothing to worry about as our key objective is to allow you spend less time in managing our products while you do more in other productive activities; both at work or personal- Enjoy safer technology with us.