Cybervergent, a cybersecurity-focused technology company, at the weekend released its half year cyber threat report on the activities of hackers that focus their attacks on Nigeria’s financial institutions and telecoms companies, revealing how it detected 586,130 attacks on organisations that it manages in Nigeria.
The attacks mostly external, were monitored from January to June 2024.
Among the 586,130 attacks launched on various organisations, Cybervergent was able to resolve 226,103 of the attacks by automation, while 19,920 endpoints were protected by Cybervergent.
According to the report, events analysed by Cybervergent’s Security Operations Centre (SOC), reached 304,522, while all potentially malicious events analysed by Cybervergent within the same six months period, reached 42,200.
Analysing the report, Mr. Gbolabo Awelewa, chief solutions officer at Cybervergent, said with the increasing threat in cyberspace, organisations must ensure that regular application and systems updates are carried out on existing applications and systems to prevent the attacks at scale.
“As we move forward, our Cyber Operations Centre remains steadfast in its mission to anticipate, detect, and thwart evolving threats that seek to compromise the integrity of digital assets. With a deep understanding of the threat landscape and a relentless pursuit of innovative security solutions, we are poised to continue our unwavering defense of the financial sector and other industries’ digital landscape, safeguarding organisations’ trust and confidence in the face of ever-changing cybersecurity challenges,” Awelewa said.
Highlighting the threat actors that targeted Nigeria in the first half of the year, Awelwewa listed them to include: Gelsemium, Equation Group, Lyceum, Gamaredon, Circus Spider, Mirage, Common Raven, Bronze Highland, Earth Krahang, as well as Insider Threat Syndrome.
According to him, Gelsemium is a sophisticated cyber espionage group known for its targeted attacks on high profile organisations across various sectors.
“They use custom malware and advanced techniques to evade detection, and their target is on public administration, educational services and national security,” he said.
Awelewa described the different types of insider threats to include: Disgruntled Employees, Accidental Insiders and Negligent Insiders. He explained that motivated by anger, financial gain, or a feeling of being benched, the disgruntled employee could inflict serious damage, while accidental insiders are those that capitalise on mistakes of others to launch an attack on the organisation.
He said the negligent insiders are those that reveal their credentials to others or forget to lock their laptops when leaving the office, advising on staff duty rotation and compulsory leave for all staff.
The report highlighted cybersecurity trends that organisations and institutions must tackle in the second quarter of 2024 as Zero-Day Exploits, where hackers exploit unknown vulnerabilities before anyone can patch them; Cloud Security Focus, since every organisation and institution is moving to the cloud; Cybercrime as-a-service, which allows hackers to launch frequent attacks; and Ransomware Surge, with attackers likely to use more sophisticated encryption and sneaky tactics to avoid detection and maximise the impact, including insider threats.
