Security challenges that were once confined to physical domains have expanded into cyberspace, creating a multi-dimensional threat environment.

From insurgency and terrorism to cybercrime and digital vulnerabilities, the country now faces a layered security landscape that demands new thinking, modern tools, and a more adaptive national strategy.

Recent analyses suggest that Nigeria’s security framework is under pressure not simply because threats have increased, but because their nature has fundamentally changed.

Insurgency, kidnapping, communal conflicts, cyberattacks, and infrastructure sabotage now intersect, undermining economic stability and slowing digital transformation. In an era defined by rapid technological advancement, Nigeria’s ability to re-engineer its institutions and integrate modern defence capabilities will determine its resilience and long-term growth.

Strains on Traditional Security Systems

Nigeria’s existing security architecture is increasingly stretched by evolving threats. Insurgency remains a major concern, particularly in the northeast, where groups such as Boko Haram continue to deploy asymmetric tactics. These attacks have resulted in significant loss of life, disrupted economic activity, and weakened investor confidence. Incidents such as the 2025 attack on a military base in Borno highlight how non-state actors are adapting faster than traditional defence systems.

At the same time, cyber threats are rising sharply. As digital adoption expands across banking, e-commerce, and public services, so too does exposure to risks such as phishing, ransomware, identity theft, and attacks on critical infrastructure.

These incidents cost Nigeria hundreds of millions annually and erode trust in digital systems. Despite this, many institutions remain underprepared due to limited investment in cybersecurity, weak enforcement of regulations, and low levels of awareness among users.

Institutional fragmentation further complicates the situation. Security agencies, including the military, police, and intelligence services, often operate in silos, limiting coordination and slowing response times.

Modern threats require real-time intelligence sharing and unified command structures, yet integration remains weak. While criminal networks have embraced digital tools to coordinate and execute operations, state institutions continue to rely heavily on conventional methods.

The Digital Age: Opportunity and Risk

Nigeria’s growing digital economy presents both promise and peril. Increased mobile connectivity, digital payments, and fintech innovation are driving financial inclusion and economic growth. However, this rapid expansion also creates new vulnerabilities.

Millions of users and businesses are now exposed to cyber fraud, data breaches, and systemic risks that can disrupt entire sectors.

Artificial intelligence is intensifying this dynamic. Cybercriminals are leveraging AI to automate attacks, develop more sophisticated malware, and deploy deepfakes for fraud and manipulation.

On the other hand, security agencies and organisations are beginning to adopt AI for threat detection, anomaly identification, and response automation. This has created a technological arms race that Nigeria must urgently engage with.

Data itself has become a form of national infrastructure. As highlighted in discussions at the PAOEF Summit 2026, cybersecurity can no longer be treated as optional, it must be central to national defence. Digital trust, defined by the confidence of citizens and investors in the safety of systems, is now critical to economic competitiveness.

Rethinking Security for the Digital Era

Addressing these challenges requires a comprehensive overhaul of Nigeria’s security architecture. A more integrated framework is essential, one that enables seamless collaboration among the military, police, intelligence agencies, and civil authorities. Real-time data sharing, joint operations, and unified command centres will be critical to improving response capabilities and strengthening national resilience.

Technology must also be embedded across all levels of security operations. Tools such as predictive analytics, drone surveillance, cyber defence platforms, and digital forensics are no longer optional—they are essential components of modern security systems. Without these capabilities, Nigeria risks falling further behind both state and non-state actors who are rapidly adopting advanced technologies.

Cybersecurity policy must also evolve. Stronger legislation, nationwide awareness campaigns, and integration of cybersecurity education into school curricula are necessary to build a more resilient society. Critical infrastructure must be regularly assessed for vulnerabilities, while both public and private institutions invest in developing skilled cybersecurity professionals. International collaboration will also play a key role, enabling knowledge exchange, intelligence sharing, and access to global best practices.

At the centre of this transformation is human capital. Education remains Nigeria’s most powerful tool for long-term security and development.

Building a workforce equipped with digital skills, cybersecurity expertise, and innovative thinking will determine how effectively the country navigates future challenges.

Security, Inclusion, and Economic Stability

Security challenges in Nigeria are closely linked to broader socio-economic realities. Poverty, unemployment, and inequality often create conditions that fuel crime and extremism. Addressing these root causes is essential to any sustainable security strategy.

Economic inclusion, equitable governance, and community engagement can help reduce vulnerabilities. Community-based security approaches, where citizens actively participate in intelligence gathering and local peace-building, can complement formal structures and improve trust between institutions and the public.

At the same time, Nigeria’s ambition to become a leading digital economy depends on its ability to provide a secure environment. Investors, businesses, and innovators require confidence in both physical and digital infrastructure. Without this, growth will remain constrained.

Security as a Foundation for the Future

The link between security and development has never been more evident. Frameworks such as the Abuja Compact, discussed at the PAOEF Summit, emphasise key pillars including trusted digital identity, broadband expansion, AI-enabled public services, cybersecurity, startup development, and human capital growth. These elements highlight the interdependence between national security and digital transformation.

If Nigeria fails to secure its environment, both physical and digital, it risks falling behind in an increasingly competitive global landscape. However, with the right investments and reforms, the country can turn its challenges into opportunities, unlocking new pathways for innovation, productivity, and economic growth.

Conclusion

Nigeria must transition from reactive to predictive security, from fragmented systems to coordinated intelligence, and from analogue approaches to digital defence. The future belongs to nations that understand the deep connection between security and development in a technology-driven world.

By strengthening its security architecture today, Nigeria can safeguard its sovereignty, empower its citizens, and position itself as a resilient and competitive player in the global digital economy.

The path forward is clear: secure the nation, embrace technology, and build a future defined by stability, innovation, and inclusive growth.

The report revealed that eight African countries were ranked among the top 20 most attacked nations worldwide, with Nigeria placing 13th.

Ethiopia led the African rankings, topping the global list with a Normalised Risk Index of 98.2%, while Uganda, Angola, and Ghana secured the 8th, 9th, and 11th spots, respectively. 

Nigeria followed closely with a Normalised Risk Index of 62.3%. Other African countries on the list included Kenya (17th), Mozambique (18th), and Côte d’Ivoire (20th).

The African continent is being targeted for its growth in digital technology leverage, with cybercriminals using sophisticated tactics like artificial intelligence (AI)-driven ransomware.

One of the major groups in December was FunkSec, a new ransomware-as-a-service (RaaS) group responsible for 14% of all reported ransomware attacks that month. 

FunkSec’s growth has been linked to its AI-powered double-extortion techniques, where stolen data is both encrypted and held for ransom. Although many of FunkSec’s victim reports were questioned for authenticity, the group’s rise poses a huge threat to global cybersecurity.

In addition to FunkSec, other malware families such as FakeUpdates and AgentTesla were also disturbing threats in December. FakeUpdates impacted 5% of organisations globally, while AgentTesla used keylogging and credential theft to target 3% of businesses.

Mobile devices were not spared, with banking Trojans like Anubis and Necro exploiting vulnerabilities to steal credentials and install malicious software.

The growing sophistication of cyberattacks reiterates the need for enhanced cybersecurity measures. Maya Horowitz, vice president of Research at Check Point, emphasised that organisations must stay ahead of these threats by adopting advanced security tools to defend against AI-powered ransomware and other emerging risks.

Cybercriminals are targeting high-value systems and using sophisticated encryption methods to extort businesses. 

Hence, organisations must focus on building stronger defences against ransomware groups, including RansomHub and LeakeData, as mentioned in the global threat index report, strengthening their security strategies to mitigate the risks caused by these evolving threats.

A recent study found that nearly 60% of all online fraud cases in 2024 involved AI-powered scams, a number that hasn’t stopped growing as scams become more sophisticated. 

AI’s ability to mimic voices, faces, and even videos is making scams more personal and harder to detect.

Experts from Psono.com have warned about how scammers are now using AI to launch highly convincing attacks, including voice cloning and phishing emails. These advancements are creating added risks to personal data and financial security.

Let’s explore the various types of AI-powered scams plus ways to protect yourself from falling victim.

1. AI-Powered Scams: The Rise of Deepfakes

AI is now being used to create deepfakes, which can impersonate voices, faces, and even video footage of family members, friends, or colleagues. Through harvesting data from social media profiles, scammers can generate realistic recordings or videos that ask for money or sensitive information. 

This new level of impersonation makes it alarmingly difficult to distinguish genuine requests from fraudulent ones.

What to Do: If you receive an unexpected request from someone you know, always ask them questions that only the real person could answer. A vague or incorrect response is a red flag. Be cautious and verify before acting.

2. Gift Card Scams: Targeting Your Shopping Habits

During peak shopping seasons, scammers use AI to analyse online shopping patterns and target victims with gift card scams. They may impersonate a loved one or a store, asking for gift cards to resolve an emergency or issue. Once the gift card codes are shared, they are quickly redeemed, resulting in financial loss for the victim.

What to Do: Never share gift card information with anyone, especially if the request is unexpected or urgent. Always contact the person or company directly through verified channels to confirm the request before taking any action.

3. Vishing: The Telephone Scam

Vishing, or voice phishing, involves fraudsters impersonating trusted institutions, such as banks or government agencies, over the phone. They create a sense of urgency, claiming suspicious activity on your account, and pressure you into providing sensitive information.

What to Do: Legitimate organizations will never ask for sensitive information over the phone. If you receive such a call, hang up immediately and contact the institution directly using a verified number.

4. Smishing: The Phishing Text

Smishing scams are delivered through text messages, often posing as account updates or delivery alerts. The goal is to trick the recipient into providing personal credentials or downloading malicious software.

What to Do: Always check the sender’s number. If it doesn’t match the official organisation, it’s likely a scam. Don’t click on any links in unsolicited messages and verify the content with the company before acting.

5. Clone Phishing: Malicious Copies of Real Emails

Clone phishing occurs when scammers replicate legitimate emails, such as receipts or notifications, and replace the links or attachments with malicious ones. The familiarity of the original email makes the fraudulent one harder to spot.

What to Do: Always check the sender’s email address carefully. Hover over any links to see where they lead and, if in doubt, contact the sender directly via official communication channels.

6. Social Media Phishing: Fraud on Social Networks

Phishing on social media involves hackers using fake or compromised profiles to send messages that appear to come from trusted contacts. These messages may offer giveaways or ask for urgent action, often aiming to steal login credentials or other personal details.

What to Do: Never click on links sent through unsolicited messages. Double-check any request through official channels, and be cautious of login pages that look suspicious.

7. Man-in-the-Middle Attacks: Public Wi-Fi Hazards

Hackers can intercept data sent over unsecured public Wi-Fi networks, such as in cafes or airports, to steal passwords or banking information. These attacks are often unnoticed by the user but can have devastating effects.

What to Do: Avoid accessing sensitive accounts over public Wi-Fi. Use a Virtual Private Network (VPN) for added security, and ensure websites are encrypted by looking for “https://” in the URL before entering any personal information.

8. Ransomware: A Growing Threat

Ransomware attacks encrypt files or lock devices and demand payment to restore access. These attacks often begin with phishing emails or malicious downloads and can be financially ruinous.

What to Do: Regularly back up important files to an offline location and avoid downloading suspicious attachments. If attacked, report the incident to the authorities and seek professional assistance to mitigate the damage.

9. DNS Spoofing: Fake Websites Designed to Deceive

DNS spoofing involves redirecting users to fake websites that closely resemble legitimate ones. These fake sites are designed to steal login credentials or credit card information from unsuspecting visitors.

What to Do: Always double-check website addresses before entering any sensitive information. Look for “https://” in the URL, and consider using tools that protect against DNS attacks.

10. Fake Job Offers: The Scam Job Posting

Scammers often post fake job offers that promise high pay or flexible work arrangements, asking for payment or personal information upfront. These scams typically target those looking for remote work or those seeking employment during economic downturns.

What to Do: Before providing personal details or making payments, ensure the job offer is legitimate. Research the company thoroughly and contact them directly through verified channels to confirm the offer’s authenticity.

Sascha Pfeiffer, CEO of Psono, commented on the growing threat of AI in cybercrime, saying, “AI is changing how scammers operate, making their attacks more personal and harder to spot. They use tools to mimic voices, create fake videos, or send messages that seem to come from trusted contacts. It’s now easier than ever to fall for a scam, whether it’s a text from a friend asking for help or a gift card offer from a favourite store. Staying alert is important, as these scams can lead to serious financial losses. Under no condition should you share very personal data, such as passport details or credit card CVV, via email, phone, or any other method that can be easily accessed by hackers.”

Pfeiffer further advised, “If you hear the voice of a close person asking for help, take extra precautions to verify their identity by asking specific questions or details only they would know, ensuring you’re speaking to the real person.”

Stay Vigilant to Protect Yourself

AI is evolving and so are the tactics used by cybercriminals. Scams are becoming more realistic, personalised, and harder to detect. However, staying vigilant and adopting simple security practices will help individuals protect their personal information and avoid falling victim to these sophisticated attacks. 

Always verify requests, question any unusual behaviour, and remember that your data is valuable—take steps to keep it safe.

This was revealed in a report by insurance broker Howden, based on a survey conducted in September.

Financial Toll on Companies

Cyberattacks have eroded approximately 1.9% of revenue on average for affected companies. The report noted that businesses with annual revenues exceeding £100 million are at greater risk, stressing the financial vulnerabilities of larger enterprises in the face of rising cyber threats.

Leading Causes of Cyberattacks

The report identified email compromises and data theft as the primary methods used by cybercriminals. 

Compromised emails accounted for 20% of attacks, while data theft was responsible for 18%, leaving companies exposed to both financial and reputational damages.

Alarming Cybersecurity Gaps

Although there are growing risks, the survey found significant gaps in cybersecurity measures among businesses. 

Only 61% of companies reported using anti-virus software, and just 55% had network firewalls in place. Barriers such as high costs and limited internal IT resources were noted as reasons for the inadequate adoption of protective technologies.

Sarah Neild, Howden’s head of UK cyber retail, spoke on the urgency of addressing these vulnerabilities. “Cybercrime is on the rise, with malicious actors exploiting weak spots as companies increasingly depend on technology for their operations,” she said, calling for assertive measures to mitigate the growing risks.

As the world gets more digital, businesses stand the risk of facing more sophisticated cyberattacks. The combination of inadequate defences and growing reliance on technology makes organisations susceptible to sophisticated attacks.

Steps to Strengthen Cybersecurity

To counter these threats, businesses are advised to:

• Invest in Solid Defences: Allocate budgets for advanced cybersecurity tools like firewalls, anti-virus systems, and real-time monitoring.
• Enhance Workforce Preparedness: Conduct regular training sessions to help employees identify and respond to threats effectively.
• Perform Routine Security Audits: Regularly assess systems to identify vulnerabilities and implement necessary updates.

The survey, conducted by YouGov among 905 IT decision-makers in the UK’s private sector, warns businesses to prioritise cybersecurity or risk further financial and operational harm.

In Q2 2024 alone, over 11,500 fraud cases were reported, involving ₦56.3 billion, marking a 1,784.94% increase in the total amount involved compared to Q1, according to the Financial Institutions Training Centre (FITC).

Total losses increased to ₦42.6 billion, an 8,993.04% increase from the preceding quarter.

Mobile, web, and POS-related fraud remain the most prevalent types, with cybercriminal activities involving external actors increasing by 5.20% and staff involvement in fraud cases rising sharply by 23.40% from Q1 to Q2 2024. 

But PalmPay is not sitting back on this. The fintech platform is rising to raise awareness of the urgent need for collective action to fight fraud and secure Nigeria’s financial systems.

PalmPay’s Initiative Against Fraud

In commemoration of the 2024 International Fraud Awareness Week, PalmPay, a leading digital financial platform in Nigeria, organised a community walk on 22 November in Lagos.

Themed “United Against Fraud: Building a Safer Future”, the initiative aimed to educate the public on fraud prevention and digital security.

Addressing participants, PalmPay’s managing director, Chika Nwosu, noted the importance of tackling fraud collaboratively:

“Fraud is more than just a crime—it is a systemic threat that undermines trust, compromises security, and disrupts progress. Its effects are far-reaching, impacting personal livelihoods and the integrity of businesses.”

He further highlighted the growing sophistication of fraudsters, leveraging vulnerabilities in digital payment platforms:

“Recent statistics from the Financial Institutions Training Centre (FITC) reveal that over 11,500 fraud cases were reported in Q2 2024—a stark reminder of the growing sophistication and persistence of these threats. These figures are more than numbers; they represent real people whose trust has been broken and whose finances have been compromised.”

Educating the Public on Fraud Prevention

During the event, PalmPay reiterated the lessons for fraud prevention, including safeguarding personal information, verifying suspicious emails, and refraining from disclosing sensitive information, even to close family members.

He stated: “You don’t need to open suspicious links. Verify them first. Once you have a suspicious email, report it and ask questions. We have built a robust system that cannot be penetrated by fraudsters, but the public must also avoid compromising their identity.”

PalmPay also stressed the importance of educating underserved communities where ATMs are frequently unavailable. According to a recent survey by the NDIC, 70% of ATMs in urban areas experience cash shortages, with rural areas facing even higher challenges.

“POS agents play a necessary role in bridging the gap in financial inclusion. While ATMs are limited by cost and location, agency banking ensures that financial services are accessible, even in remote villages.”

PalmPay Emphasises Collaboration with Stakeholders

PalmPay reiterated its focus on fraud prevention through strong collaboration with law enforcement agencies such as the EFCC and the Nigerian Police Force.

“We maintain a close relationship with all security agencies. Whenever there is an issue, we provide them with the necessary information promptly to address fraudulent activities,” Nwosu explained.

“Together, we can create an environment where individuals and businesses can thrive without fear, knowing that trust and security are at the heart of our digital world.”

PalmPay affirmed its intention to extend such campaigns nationwide, strengthening its mission to build a safer and more inclusive financial ecosystem.

This campaign leverages advertisements from seemingly reputable brands, including Netflix, Office 365, and CapCut, to deceive users into downloading malware disguised as legitimate software.

The primary target of this campaign appears to be older male users, with the goal of seizing control of their Facebook accounts and harvesting personal data. 

According to Bitdefender, cybercriminals create convincing ads that mimic authentic services or popular applications, such as free, ad-free Netflix streaming and productivity tools, enticing users to click. 

Once a user interacts with these ads, they are redirected to MediaFire, a cloud storage platform where a malicious ZIP file awaits. The malware, embedded within this ZIP, uses Electron applications that visually replicate the advertised software but operate covertly to capture the user’s information.

One of the distinguishing features of the SYS01 malware is its adaptability. It is programmed to bypass many security detection systems, employing advanced techniques such as sandbox evasion and constant code updates from command and control servers. 

Bitdefender highlights that cybercriminals swiftly alter the malware’s code whenever cybersecurity companies detect and block a particular version, which allows the campaign to continue undetected on Meta’s platforms.

This malware’s design compromises individual Facebook accounts and also exploits business accounts. Hijacked accounts are repurposed by attackers to distribute further malicious ads, thereby expanding the campaign’s reach. 

This strategic use of compromised accounts has enabled the campaign to extend globally, impacting users across continents, including Europe, North America, and Asia.

Initially discovered in September 2024, the SYS01 infostealer has reportedly affected millions of users. Bitdefender emphasises that the malware remains active and continuously evolves, with new ads appearing daily.

The firm advises users to exercise caution when encountering online advertisements that promise free or premium services, even from recognisable brands.

Facebook users are advised to avoid clicking on suspicious ads and to be wary of software downloads from unofficial sources.

The advisory warns of the high probability and severe damage potential of these attacks, particularly those orchestrated by the Phobos ransomware group.

According to ngCERT, the most at-risk entities include providers of information technology and telecommunication services. These sectors are particularly vulnerable as they often manage cloud services for critical government agencies, financial institutions, telecommunications, education, healthcare services, and NGOs in Nigeria. 

“ngCERT has detected an increase in ransomware attacks by the Phobos ransomware group, specifically targeting critical cloud service providers within our national cyberspace. We are actively collaborating with vulnerable and affected organisations to swiftly resolve these incidents and prevent further escalation. 

“The most at-risk entities include providers of information technology and telecommunication services, such as managed cloud services, whose clients include critical government agencies, financial institutions, telecommunications, education, healthcare, service providers, and NGOs in Nigeria.”

The advisory emphasises the need for these organisations to proactively implement mitigation strategies to prevent the spread of malware.

Recent intelligence has revealed a surge in ransomware activities aimed at cloud service providers key to Nigeria’s cyberspace. The Phobos group has been particularly aggressive, targeting entities that include government agencies, financial institutions, healthcare services, and NGOs. 

These attackers exploit vulnerabilities in these systems to gain unauthorised access, encrypt data, and demand ransoms. 

Phobos ransomware operatives typically infiltrate networks using phishing campaigns and IP scanning tools to find susceptible Remote Desktop Protocol (RDP) ports. They exploit these vulnerabilities to execute hidden payloads and gain control over systems. 

Upon accessing an exposed RDP service, they use brute force tools to escalate privileges and deploy additional malware. Key tools in their arsenal include lsass.exe and cmd.exe for command execution and tools like Smokeloader for payload delivery.

Indicators of compromise associated with these attacks include emails from finamtox@zohomail.eu, potentially related to the Phobos ransomware group. The file format often used is filename.id[xxxxxxx-xxxx].email.xshell.

Organisations affected by Phobos ransomware may experience a range of serious consequences. These include system compromises and data breaches, ransom payments to restore access, data encryption leading to operational lockouts, financial losses, Denial of Service (DoS) attacks, and fraudulent activities using compromised systems.

ngCERT recommends several measures to combat these threats. Organisations should secure RDP ports and prioritise the remediation of known vulnerabilities. Implementing Endpoint Detection and Response (EDR) solutions to disrupt malicious activities is also important. 

Again, disabling unnecessary command-line and scripting activities can prevent unauthorised access. Segmenting networks to prevent the spread of ransomware and regularly updating and enabling real-time antivirus detection are also advised. 

Conducting audits of user accounts and administrative privileges helps maintain a secure environment. Maintaining multiple, secure backups of vital data and disabling hyperlinks in received emails to prevent phishing attacks are essential preventive measures.

Organisations are urged to adopt these mitigation strategies to protect their systems from the escalating ransomware threat. Regular updates, vigilant monitoring, and robust security protocols are essential to safeguard against these sophisticated cyber-attacks.

However, the reality is that cost-effective solutions do exist for businesses of all sizes. Read on for expert tips on how to protect your small business. 

Trevor Cooke, the online privacy expert at EarthWeb, outlines six practical, budget-friendly strategies to enhance your business’ security. 

What Are The Risks?

Small businesses are not immune to cyber threats; in fact, they are often more vulnerable due to limited resources and a lack of expertise in cybersecurity. Cybercriminals exploit this vulnerability through various tactics, including phishing attacks, ransomware, and data breaches.

Trevor explains, “Moreover, the proliferation of remote work and reliance on cloud-based services have expanded the attack surface for cyber attackers, making it easier for them to infiltrate business networks and steal sensitive information.”

Trevor’s Cost-Effective Solutions

Trevor says, “Contrary to popular belief, implementing effective cybersecurity measures does not necessarily require a significant financial investment. Small businesses can adopt several cost-effective strategies to enhance their cybersecurity posture.” 

Here are some of Trevor’s top tips:

Use Open-Source Security Tools

Trevor advises, “Leverage open-source software for antivirus protection, firewalls, and intrusion detection systems.” These tools offer robust security features without the high costs associated with proprietary solutions. Examples include ClamAV for antivirus and pfSense for firewall protection.

Put Together Your Own Employee Training

Invest your time in creating cybersecurity training programs to educate employees about common threats, phishing scams, and best practices for safeguarding company data. Trevor notes, “You can find free resources online which your employees can work through, rather than you having to create it all from scratch. By raising awareness among staff members, businesses can significantly reduce the risk of human error leading to security breaches.”

Perform Regular Risk Assessments

Build regular risk assessments into your routine so you can identify vulnerabilities in your IT infrastructure and prioritize security measures accordingly. This proactive approach helps businesses address potential weaknesses before they can be exploited by cyber attackers.

Implement Strong Password Policies

Trevor recommends enforcing strong password policies and requiring employees to use complex passwords and change them regularly. Additionally, consider implementing multi-factor authentication (MFA) for an extra layer of security.

Securely Encrypt Your Data

Encrypt sensitive data stored on company servers, laptops, and mobile devices to protect it from unauthorized access. Trevor says, “Tools like VeraCrypt and BitLocker offer free encryption solutions that are easy to implement and highly effective.”

Ensure Regular Software Updates 

Keep all software and operating systems up to date with the latest security patches to address known vulnerabilities. Cybercriminals often exploit outdated software to gain unauthorized access to systems.

Trevor says, “Small businesses must prioritize cybersecurity and allocate resources wisely to protect their assets and reputation.” In implementing cost-effective security measures and fostering a culture of cybersecurity awareness, businesses can significantly reduce their risk of falling victim to cyberattacks.

Here are the highlights of 2022 predictions for the industrial, healthcare and privacy sectors.

#1 Machine “unlearning” on the rise:

Modern machine learning (ML) can memorise massive chunks of information about users’ private behaviour. As governments contemplate new regulations to protect citizens’ privacy, will that extend to the private data being used to train ML models in the first place?

If it does, then expect companies and researchers to develop new technologies, such as “machine unlearning”, which would allow them to remove data from already trained algorithms.

Along those same lines, governments and users are calling for more transparency in general when it comes to ML algorithms.

Such algorithms are increasingly used for various decisions, from determining whether or not people qualify for a loan to the ads displayed on users’ screens. But this can lead to privacy – and even discrimination – concerns.

In the coming year, expect more discussions and regulations surrounding the decisions being made by automated systems.

#2 Attacks against industrial organisations will continue and may become harder to automatically detect and prevent

Expect attacks to continue disrupting the operations to and even harm businesses in the coming year – and in even more devastating ways.

Due to preventative protective measures taken by governments and businesses, alike, attackers themselves are forced to invest in the security of their own operations and to mitigate their risks, and they need to adopt more efficient tactics and technologies to react to the security controls and mechanisms recently implemented in industrial organisations.

As such, cybercriminals are now shortening the lifecycle of the malware in use. A particular, malicious sample may be used against a very limited set of targets and only be active for a couple of weeks, while it is at its peak effectiveness and then a new build is released to bypass detection.

They are also limiting their use of malicious infrastructures.

Research into some recent APT activities showed that some campaigns’ Command and Control servers may only be active for a couple of hours during the relevant phase of the operation. Some attackers even avoid using a malicious infrastructure altogether in the source of the attack.

These are a few of the trends that will continue, and most likely, as result, we will be facing cyberattacks of even bigger threat potential and danger.

#3 Digitalisation in the healthcare sector = more data breaches

Last year, Kaspersky researchers predicted that, as the pandemic took hold, the health care sector would receive major attention from cybercriminals.

This certainly proved true, as criminals sought financial gain from various campaigns themed around the vaccine and ransomware hit hospitals, endangering patients’ lives.

In the year to come, the attack vector for the health care sector will only continue to expand, as more patient data moves to the Internet and health care providers continue adopting digital treatment services, such as telehealth. 2021 already saw healthcare data breaches increase by one and half times when compared to 2019.

Expect attackers to search for vulnerabilities they can exploit in new wearable devices and medical applications being developed or creating fraudulent apps that users may mistakenly download.

What’s more, as different countries set different vaccination rules for traveling and visiting restaurants, the market for fraudulent digital vaccination passports and certificates will continue to grow.

Chainalysis, which targets releasing the full cryptocurrency crime report in February, also revealed that the total transaction volume grew to $15.8 trillion in 2021, up 567% from the total in 2020.

“Given that roaring adoption, it’s no surprise that more cybercriminals are using cryptocurrency. But the fact that the increase was just 79% — nearly an order of magnitude lower than overall adoption — might be the biggest surprise of all,” the report stated.

Transactions involving illicit addresses represented just 0.15% of cryptocurrency transaction volume in 2021 despite the raw value of illicit transaction volume reaching its highest level ever.

Chainalysis attributes the growing number of crypto crimes in part to the rise of decentralised finance, or DeFi, and its potential for misuse. Over $2.8 billion stolen from victims came from rug pulls, a term used for a cryptocurrency project that takes money from investors and then drains the funds. The firm speculates that because it is relatively easy to create new DeFi tokens and get them listed on exchanges, scammers continue to make a profit.

About $3.2 billion worth of cryptocurrency was stolen in 2021, mostly from DeFi protocols that sometimes have errors in their smart contract codes.

“DeFi is one of the most exciting areas of the wider cryptocurrency ecosystem, presenting huge opportunities to entrepreneurs and cryptocurrency users alike,” the report further stated. “But DeFi is unlikely to realize its full potential if the same decentralisation that makes it so dynamic also allows for widespread scamming and theft.”