The training, held at the Staff Clinic Hall, Alausa, Ikeja, was themed “Cybersecurity in 2026: Defending Against Modern Threats in a Digital Workplace.”

It brought together personnel from multiple MDAs to improve their understanding of emerging cyber risks and modern security best practices.

The programme focused on key cybersecurity threats expected to shape the digital landscape in 2026. These included artificial intelligence-driven attacks, deepfake-enabled fraud, advanced phishing schemes, ransomware, identity theft, cloud security risks, and supply chain compromises.

Participants were taken through interactive lectures, scenario-based discussions, case studies, and practical sessions aimed at improving their ability to identify, prevent, and respond to cyber threats in the workplace.

Speaking during one of the sessions, Mr Olabanji Soledayo, Strategic Partnership manager and Cybersecurity Awareness evangelist at ESET Nigeria highlighted the growing importance of human awareness in combating sophisticated cyberattacks and safeguarding digital work environments.

He noted that individuals within organisations are a critical line of defence as attackers rely more on social engineering and identity-based tactics.

He also commended the Lagos State Government for its continued collaboration with ESET in strengthening cybersecurity capacity across its institutions.

Technical sessions at the training covered areas including email security, endpoint protection, ransomware defence, threat detection, and modern cybersecurity practices relevant to government institutions.

Speaking at the event, Mr Kadri Shamusideen, deputy director, Ministry of Science and Technology emphasized the importance of cybersecurity awareness as government services continue to undergo digital transformation.

He added that as government operations become increasingly digitised, cybersecurity awareness has become a critical component of public service delivery.

While technology provides the necessary security controls, our employees remain the first line of defence against cyber threats. Continuous education and awareness are therefore essential in ensuring that staff can identify emerging threats and respond appropriately.

Mr Kadri described the training as timely and relevant, noting that cyber threats continue to evolve in complexity and sophistication, commending the impressive turnout of participants and the support received from various MDAs across Lagos State.

According to him, strategic collaboration between government institutions and cybersecurity industry leaders remains critical to strengthening national cyber resilience.

ESET Nigeria noted that the programme forms part of its broader commitment to helping organisations across Nigeria improve cyber resilience through awareness, education, and advanced cybersecurity solutions.

The company noted that as cybercriminals increasingly adopt artificial intelligence, social engineering techniques, and identity-based attacks, employee awareness remains one of the most effective defences against modern cyber threats.

According to ESET, the campaign appears to be part of North Korea’s broader effort to advance its drone program by stealing proprietary designs, engineering data, and manufacturing know-how from foreign defense contractors.

“Some of the targeted companies are deeply involved in the UAV sector, suggesting that this operation may be linked to North Korea’s current efforts to scale up its drone capabilities,” ESET said in its latest analysis.

Targets and Techniques

Beginning in late March 2025, ESET telemetry detected a string of cyberattacks against three European defense companies, a metal engineering firm in Southeastern Europe, a manufacturer of aircraft components in Central Europe, and a defense company also based in Central Europe.

Investigations revealed that the attackers relied on social engineering tactics typical of the Operation DreamJob campaign, including fake job offers and trojanized open-source projects hosted on GitHub.

Once access was gained, the attackers deployed a remote access trojan (RAT) known as ScoringMathTea, granting them full control of compromised machines.

ESET noted that ScoringMathTea first appeared in late 2022, when its dropper was uploaded to VirusTotal, and has since been repeatedly observed in multiple Lazarus-linked intrusions. The malware communicates with command-and-control servers hosted on compromised WordPress websites, often hidden within plugin or design template folders.

Lazarus’ Espionage Goals

The Lazarus Group, one of the most active and sophisticated state-sponsored threat actors associated with North Korea, has a history of cyberespionage and financially motivated attacks.

Under the Operation DreamJob codename, Lazarus typically targets professionals in the aerospace, defense, engineering, and technology sectors, using enticing job offers to lure victims into installing malware.

While the group’s primary goal remains cyberespionage, stealing sensitive and proprietary data, the secondary objective often includes financial gain through digital theft or cryptocurrency-related exploits.

ESET’s researchers believe the most recent campaign demonstrates a renewed focus on the UAV sector, as two of the targeted firms are directly engaged in drone component manufacturing and UAV software development.

“Technical artifacts in the attackers’ droppers reinforce the hypothesis that the UAV sector was the main espionage goal,” ESET stated.

Geopolitical Implications

The findings add to growing evidence that North Korea’s cyber operations are increasingly intertwined with its military modernization programs, particularly in the drone and missile domains.

With European defense firms playing a key role in supplying military technology and equipment to Ukraine, experts warn that such cyberattacks could have strategic and geopolitical consequences.

ESET’s report offers a high-level overview of the Lazarus Group’s latest tools and methods while calling attention to the need for stronger cyber defense collaboration across the defense and aerospace sectors.

An extract of ESET’s full “Network API 2025–2030 Report” is available for free download on the company’s website.

More about Operation DreamJob

Operation DreamJob is the codename for an ongoing series of Lazarus campaigns that use fake job recruitment schemes to compromise targets.

These attacks often begin with LinkedIn or email outreach, delivering malicious documents or project files disguised as legitimate opportunities.

The Lazarus Group, believed to operate under the direction of the North Korean government, has been linked to numerous cyberattacks worldwide, including the Sony Pictures hack (2014), the WannaCry ransomware outbreak (2017), and several cryptocurrency heists targeting global exchanges.

Responding to these recent revelations of global cyberespionage campaigns by ESET, Olufemi Ake, managing director of ESET Nigeria, has raised concerns over the growing vulnerability in the defense ecosystem, going by the current state of security in the region, particularly West Africa.

“It is an attractive region for cyberattacks,” Ake stated. “With the increasing digital connectivity, expansion of defence partnerships, and emergence as a numerous tech innovation hub, individuals are now seen as potential entry points for both direct cyber threats and indirect access to global supply chains as it relates to the security situation in certain pocket areas.”

He identified several sectors currently at heightened risk, including government agencies or institutions with large data of citizens, key sectors in partnership with the government, holding sensitive intellectual properties, such as engineering and technology firms, critical infrastructure operators such as power, telecommunications, and finance, as well as the defence, aerospace, and media industries.

To mitigate these risks, Ake emphasised the importance of integrating cybersecurity awareness training into employee onboarding processes.

He urged organisations to prioritise the education of staff, the deployment of robust device protection, and the implementation of advanced threat detection systems, alongside regular system updates.

These, he noted, are essential strategies to maintain resilience and stay ahead of the evolving threat landscape.

In a broader appeal, Ake called on West African nations to treat cybersecurity as a strategic imperative at the helm of affairs.

“As countries across the region continue their digital transformation journeys, cyber resilience must be made a top priority,” he said. “Achieving this will require regional collaboration, sustained awareness campaigns, and long-term investment in cybersecurity capacity- building to safeguard national interests, economic growth, and public trust in digital systems.”