Nigeria and other countries are facing shortage of skilled cyber security personnel, a development that could lead to financial losses of $6trillion by 2021, a cybersecurity expert has warned.
Speaking in Lagos at a forum jointly organised by the Internet Centre for Leadership Development and the United States Consulate General, Lagos, to mark this year’s National Cybersecurity Awareness month, President, Information Security Society of Africa (ISSA)-Nigeria, Dr David Isiavwe, lamented that the urge to get financial reward stood out as the major motivating factor for cybercrooks.
Isiavwe, who is also the General Manager of Union Bank, said cybercrooks have upped their game and proved that there is no aspect of human endeavours they cannot infiltrate. He cited the Japan digital currency breach, to which $60million was lost, adding that the development had pulverised the belief that the cryptocurrency space was the safest and not vulnerable to cyber-attacks.
He said the fraudsters keep extorting the victims through social engineering, making phone calls that appeared to have originated from their banks and urging them to switch off their phones, requesting for their Card Verification Value (CVV Number) which is a three-digit number on credit or debit card. When the unsuspecting victim discloses this information, they will now ask him or her to switch off phone for another two hours to enable the bank rectify the problem on the account. He said by the time the victim switches on the phone, all cash inside would have been withdrawn.
He lamented that there are too few professionals in the cybersecurity space, adding that no fewer than six billion people would be attacked by 2021. According to the expert, cybersecurity spend is also expected to exceed $1trillion by 2021 while the cost of damages as a result of ransomware will reach $11.6billion by next year because victims pay for their freedom with cryptocurrency.
Isiavwe said the solution to this data back up and not payment of ransom, advising against disclosing personal identification number (PIN) with anybody. “Do not click on email attachment which you do not know the source; organisations must do patching and provide access only on need basis.