Expert blames cyber-attacks on human errors
Science & Tech
THE Nigeria Data Protection Commission (NDPC) on Wednesday identified human errors as a significant factor contributing to data breaches in organisations.
Mr Olorunisomo Isola, the Head, Information Technology and Cybersecurity, NDPC, made this known during a capacity building for members of the Nigeria Information Technology Reporters Association (NITRA) Lagos Chapter.
The training, which took place in Ikeja, was on data protection and privacy,
Isola said that cybersecurity issues are usually treated as a technology problem, whereas most data breaches are as a result of human error.
He said that employees can unintentionally help cyber-attackers break into an organisation.
The NDPC boss said that attackers often carefully profile the employees of the company they are targeting, noting that this could be done through social media and by researching publicly available information.
“Once a target has been selected, one of the most common ways to execute a cyber-attack; is to send phishing e-mails directly to employees in a targeted company.
“These emails usually contain either a link or a Microsoft Office document embedded with malicious code. Thus, employees can unintentionally help cyber-attackers break into an organisation,” he said.
Isola said that curbing cyber-attacks using firewalls was not enough, adding that it was necessary to work on human errors within the organisation as well.
He noted that security awareness and training of employees were just as important.
Isola stressed that raising awareness could be done through webinars, on-site events, as well as proper onboarding of security policies, training manuals and pamphlets.
He also said that companies should adopt email policy, as email was a critical communication channel and having such policy would ensure secure usage.
The cybersecurity expert stressed the need to use only official company email accounts for business communications.
He noted that they should also avoid opening emails or attachments from unknown or suspicious sources.
“We need to be cautious of phishing attempts and report them immediately.
“Companies and individuals should also ensure that sensitive information is encrypted before transmitting via email,” Isola said.
Speaking on the types of attacks, he said there were phishing, man-in-the-middle, password, drive-in, dictionary, ransomware and Artifical intelligence (AI)-powered attacks.
Isola noted that AI-powered attacks are one of the most dangerous ones.
He said that cybercriminals could leverage AI to carry out sophisticated and targeted attacks.
“AI-powered attacks can be more destructive and challenging to detect than traditional cyber-attacks.
“They are smart enough to understand how to analyse all possible attack vectors, select the best option, execute successfully, and evade detection, all while adapting and evolving in real time.
“AI-powered attacks can also be more efficient, allowing attackers to carry out attacks on a larger scale and with greater accuracy.
“It will be a serious problem to deal with in the nearest future,” he said. (NAN)
A.
– July 19, 2023 @ 15:04 GMT |
Related Posts
Biotechnology society bestows champion award on AATF’s Oikeh
THE Biotechnology Society of Nigeria has awarded Dr Sylvester Oikeh of African Agricultural Technology Foundation (AATF) with its prestigious Champion Award for...
Read MoreUK, Nigeria stakeholders partner on cybersecurity
THE UK is uniquely placed to partner with Nigeria to raise awareness and tackle emerging threats and cybersecurity challenges affecting...
Read MoreFG inaugurates online service-wide circular portal
THE Federal Government on Wednesday inaugurated an online Compendium of Circulars – a service-wide portal designed to make circulars easily...
Read MoreMost Read
Subscribe to Our Newsletter
Keep abreast of news and other developments from our website.