Recent international research—such as the Temporal-Spatial Attention Network (TSAN) model, which I presented at the ICMLT 2025 conference in Helsinki—demonstrates that artificial intelligence is now playing a game-changing role in defending against sophisticated cyber threats, especially Denial-of-Service (DoS) attacks.

The Changing Face of Cyberattacks

Gone are the days when cyberattacks were just brute-force floods. Today’s attackers use smarter, stealthier methods. They understand protocols, exploit timing patterns, and hide in plain sight. Traditional rule-based systems and shallow machine learning models often fail to catch these evolving threats.

This is where advanced AI models like TSAN come in. TSAN doesn’t just react—it understands. It combines temporal analysis (detecting how network traffic behaves over time) with spatial analysis (examining the structure of data packets) to make real-time, accurate decisions.

As someone who recently analyzed TSAN’s performance on industry-standard datasets like NSL-KDD, I found that it consistently outperformed older detection methods, with over 92% accuracy, while maintaining a small footprint suitable for real-world deployment.

Why This Matters for Nigeria

Nigeria is one of Africa’s most vibrant digital economies, with rapidly growing fintech, health tech, and govtech ecosystems. But with growth comes risk. Cybercriminals don’t respect borders—and we’ve already seen local incidents involving ransomware, phishing, and DoS-style disruptions.

Yet many Nigerian organizations still rely on outdated security tools that can’t keep up. The question isn’t if we will be targeted, but how prepared we are when it happens.

What Needs to Happen Next

1. Adoption of AI-based cybersecurity tools: Public and private organizations need to start experimenting with and deploying models like TSAN—either independently or as part of commercial solutions.
2. Investment in cyber research and talent: Nigeria must fund academic and industry-led research into AI for cybersecurity. We don’t need to reinvent the wheel, but we must contribute to and customize global solutions.
3. Policy and public-private partnerships: Regulators should incentivize innovation in cybersecurity and encourage collaboration across sectors. The threats we face are complex—our response must be coordinated.
4. Local adaptation of global models: Tools like TSAN are powerful, but they need to be tested against local network environments, including telcos, financial services, and government infrastructure.

Final Thoughts

AI won’t solve all our cybersecurity problems, but it will be central to the next generation of defence systems. Models like TSAN show what’s possible when cutting-edge research meets practical application.

As Nigerian professionals, researchers, and policymakers, we have a choice: wait for threats to escalate or proactively embrace innovation.

I strongly believe it’s time we choose the latter.

About the Author:

Bisola Kayode is a cybersecurity researcher, conference speaker, and mentor working at the intersection of AI and digital security. She is passionate about advancing cyber resilience in Africa through research, education, and innovation.

In January 2023, Cyber Security Experts of Nigeria (CSEAN) released its National Cyber Threat Forecast for the year. The report gives insight into the state of regular and emerging threats from cybercriminals, as well as the possibility of cyberattacks during Nigeria’s presidential elections in February.

The forecast predicts that 2023 will see an increase in government infrastructure as a target (GIaaT) attack, with malicious actors exploiting outdated and vulnerable applications in government organisations.

Criminals will continue to rely on malware, specifically ransomware – a threat that small and medium-sized enterprises are particularly vulnerable to. Other identified threats include attacks on financial institutions, cloud infrastructure, and individuals via phishing and social engineering techniques.

These forecasts correlate with recent incidents that threaten Nigeria’s digital ecosystem. According to the Minister of Communications and Digital Economy, Nigeria experienced 6.9 million cyberattacks on election day, originating from inside and outside the country. And in 2022, attacks on institutions such as mobile money providers and betting platforms resulted in business disruption and financial losses worth millions of US dollars.

A reported culture of secrecy elevates cybersecurity concerns. Nigerian organisations are hesitant to disclose any incidents or breaches they experience. Although this is understandable, it makes solving the problem more difficult.

Businesses cannot simply wait to become victims of cybercrime. They must develop and execute strategies that use the latest technologies and position them as entities that take security seriously. This starts with understanding the landscape, the challenges we face, and available solutions.

Skill gaps, 5G, and other challenges

Our vulnerability to cybercrime is an amalgamation of factors ranging from inadequate responses to threats and a lack of transparency to government computing resources. The prevalence of hybrid work models also makes data and people more susceptible to threats.

Like the rest of the world, Nigeria suffers from a lack of talent where it’s needed most. Studies reveal a global cybersecurity workforce gap of 3.4 million people.

According to the WEF Global Cybersecurity Outlook 2023 report, 59% of surveyed business leaders and 64% of cybersecurity leaders ranked talent recruitment and retention as a key challenge for managing cyber resilience.

Meanwhile, one of the biggest developments to impact Nigerian citizens and businesses has been the deployment and growth of 5G, spurred by major telecom providers now offering 5G network services in cities like Lagos and Abuja.

This is promising, but as these networks grow, cybercriminals can exploit the faster channels to carry out attacks such as distributed denial of service (DDoS) attacks.

Challenges like these demand change. To that end, enterprises should consider new models and innovative solutions that transform their systems and secure them from the inside out.

Rethinking security

Nigeria is embracing cloud computing like never before. Our data centre market is expected to grow year-on-year by more than 13% between 2022 and 2027. Because of this, it’s essential to focus on cloud security and cloud workload protection. Enterprises can safeguard their applications and data through best practices such as “secure-by-design” and evolving security solutions into a DevSecOps model, meaning security and engineering teams work together to build and run applications that boast integrated security mechanisms.

Another essential for enterprises is implementing zero-trust architecture. A zero-trust strategy is critical to securing an organisation’s IT resources and data, especially in the age of hybrid work models, where IT resources and workforces are no longer centralised.

With zero-trust architecture, organisations can authorise and monitor access on a per-user basis and secure networks with several layers of security mechanisms. Going forward, a zero-trust strategy will go from being “good to have” to critical for Nigerian organisations.

In the face of this, enterprises in Nigeria both big and small should access the support they need through their technology partners and managed services providers.

Compiling a comprehensive cybersecurity strategy does not have to be an intimidating task, not when you have experts to help give you a clear idea of what you’re up against, what you’re trying to secure, and how you can best secure it.

This happened barely two hours after the EFCC secured the conviction of three smugglers – arrested with 1,144 ATM Cards at the same airport.

It is becoming clear that cybercrime is no longer the exclusive preserve of the southern part of Nigeria; with Lagos notoriously known as the “cybercrime capital of West Africa”, the crime is fast spreading like wild fire to other parts of the country.

The year 2021 witnessed massive cyberattacks that affected private organisations, government agencies, individuals, and supply chains globally. Nigeria had its fair share of cyberattacks and compromise albeit largely underreported.

On December 9, an acute Remote Code Execution (RCE) vulnerability was reported in the Apache logging package Log4j 2 versions 2.14.1 that shook the internet.

By December 10, more than 3.7 million hacking attempts had been made to exploit the vulnerability, according to leading cybersecurity firm Checkpoint, with more than 46% conducted by known malicious groups.

2022 is expected to witness an escalation in cyberattacks and cybercrime from what we witnessed in 2021.

The 2022 Nigeria Cybersecurity Threat Landscape enunciated here is based on cybersecurity trends in Nigeria and around the world, coupled with insights from leaders and global experts who assess the evolving cyber environment and the security threats we currently face.

From Ransomware and Business Email Compromise (BEC) scams to deepfakes, these predictions are based on existing trends while incorporating the behaviour of cybercriminals and changing technological innovations.

The year 2021 witnessed unprecedented Ransomware attacks with the rise of Ransomware-as-a-Service (RaaS) groups on the Darkweb. The average amount of reported Ransomware transactions per month in 2021 was $102.3 million, according to FinCEN Report.

Approximately 37% of global organizations said they were victims of some form of a Ransomware attack in 2021, according to IDC’s “2021 Ransomware Study.”

In 2022, the Ransomware threat and level of severity of ransomware attacks will grow. With Ransomware becoming the new digital pandemic, we expect to see the highest reported ransom paid by organisations in 2022 and disruption of service with maximum impact in terms of financial loss.

The loss would not only be calculated based on ransom paid, but in terms of financial losses due to service unavailability, loss of market share, and a drop in stakeholder confidence, amongst other factors.

As the 2023 Nigeria general elections draw nearer, the use of Deepfakes and fake news will rise in 2022. Deepfakes are videos, images, or audio recordings that are manipulated by AI technology.

In a deepfake, an individual can be presented as saying or doing something that didn’t happen.  Deepfakes are typically used to slander targets, manipulate events, falsify statements, or evidence, and create scandals. They’re made with artificial intelligence software that maps targeted people’s faces into scenes and onto other people’s bodies, or otherwise manipulate parts of videos.

The Deepfakes threat has also been used to facilitate business email compromise (BEC) fraud, bypass Multi-Factor Authentication (MFA) protocols, and Know Your Customer (KYC) ID verification, and will be increasingly used in 2022 and beyond.

Closely related to Deepfakes is Fake news.  Fake news has become a new attack vector in the past few years.

Throughout 2021, misinformation was spread about the COVID-19 pandemic, and vaccination information with the black market for fake vaccine certificates and fake PCR test results expanding globally, with several countries recording fake vaccine and test certificates for travellers. Fake ‘vaccine passport’ certificates are now on sale for $100-120  in the darkweb.

In 2022, cybercriminal groups will continue to leverage these types of fake news campaigns and fake covid documents to execute cybercrime through various phishing attacks and scams. Other likely effects of the election season are website defacement, DDoS attacks, spear phishing, and BEC.

The growth of cloud adoption through 2022 will coincide with the increase of cloud compromise and abuse. As organizations continue to rely on the cloud and cloud-hosted third-party providers, those third parties face mounting pressure to maintain confidentiality, integrity, and availability of customers’ data.

Cloud security misconfiguration and supply chain attacks will rank among the top cyber threats in 2022.  Towards the end of 2020, there was a devastating SolarWinds breach and in July 2021, the REvil ransomware gang exploited a Zero Day in Kaseya VSA to launch a supply-chain attack on its customers.

Neither of these attacks occurred in isolation. In 2022, we can expect that cybercrime gangs will continue to seek ways to hijack the digital transformation of organisations to deploy malicious code, infiltrate networks, and gain persistence in systems all over the world.

Insider threats pose a serious challenge for banks and other financial institutions in Nigeria.  Collusion between trusted insiders and cybercriminals will continue to increase in 2022.

The majority of frauds in the banking sector were perpetrated through insider information leaks. Fake alerts, sim swap scams, ATM card clones, use of ATM skimmers, and the likes, are highly successful when a bank insider is involved.

An insider threat is a malicious threat that comes from people within the organisation, such as employees, former employees, contractors, or business associates, who have privileged information concerning the organisation’s mode of operations and access to confidential information, which can assist cybercriminals to compromise the organisation or its customers.

According to a report by Abnormal Security in August 2021, a Nigeria-based ransomware gang was conducting a campaign that dangles a $1 million bribe, or a portion of any ransom collected to employees of targeted organisations if they will install ransomware on their corporate network.

It is expected that this kind of baits will be taken by more insiders in 2022 as inflation and other economic ills make life tougher for the average Nigerian.

The shift to remote work has moved from a temporary measure to help curb the spread of the virus to a more permanent strategy for many businesses.

A global survey conducted by Gartner found that 88% of organisations all over the world mandated or encouraged all their employees to work from home as the coronavirus started to spread at exponential rates. Furthermore, about 97% of the organizations immediately cancelled all work-related travel.

According to Gartner, almost 50% of employees will continue to work remotely post COVID-19. With the Omicron covid variant spreading globally, remote working will continue to be the preferred option for a very long time. Remote work will also continue to be exploited by cybercriminals in 2022.

This will come in form of phishing, man-in-the-middle attacks, malware attacks, and session hijacking.

Remote working has reshaped the threat landscape and has created new opportunities for attackers to change their approaches; and we expect this to get worse in the New Year. With more attackers entering the market with malware-as-a-service campaigns, bad actors will continue to target the essential tools that the virtual workforce is using.

These include Virtual Private Networks (VPN); which have weak security, exposed servers, and exchange email services and web applications.

Attackers will continue to exploit these servers and services or brute force them due to inefficient hardening practices.

Remi Afon is the President, Cyber Security Experts Association of Nigeria (CSEAN)