Recently, we had a chat with Gbolabo Awelewa, a technical consultant at Sothes, organizers of the just concluded CyberXchange Conference. A self-professed Chief Geek, Gbolabo is a Business Continuity Manager, an IT Specialist and a Cyber Security Specialist. He is also the Chief Technology Officer at Coronation Merchant Bank, Victoria Island, Lagos.
TECHnically: As a Cyber Security expert, can you tell us a bit about the state of cyber security in Nigeria?
Gbolabo Awelewa: It is not necessarily in top shape but I would not say it is bad. When you calculate (major) threats against protection available, we cannot really say that the state of our cyber security is bad. But it may just be because we haven’t really suffered attacks.
TECHnically: Why do you think this is the case? Could it be our level of technological advancement?
Gbolabo Awelewa: Yes, it could be because there is no real value yet. For example, why would I need to hack a Nigerian bank or organisation when what I need is information that won’t be available in that database?
TECHnically: What industries are most affected by cyber security threats?
Gbolabo Awelewa: You’d think it’s just the financial industries but then you also have the telecommunications giants, retail chains, Jumia, Konga, and other online stores and airline purchases outfits and electronic retail markets generally. That’s where hackers can get a lot of customer information.
You’ll see now that Facebook is putting in a lot of cybersecurity measures because they realise that a lot of financial activities are being carried out on there.
TECHnically: So how do you get the message of cyber safety across to the masses?
Gbolabo Awelewa: For now, we just send messages across to people on social, personal, business platforms that they are subscribed to. Before you know it, we will start putting up cybersecurity messages on the National news.
TECHnically: What are the popular types of breaches Nigerians are exposed to ?
Gbolabo Awelewa: Phishing mails. You get a spam mail, you get a phishing link and if you click on it, you get asked to submit your card details. There’s also the “spear phishing” which is exactly the same as the first but then this type is carried out by a person who already has his victim’s details. So the attacker has details that not many people are privileged to.
The only way to flag these types is to be extra careful – check the sender’s email properly and confirm with the presumed sender whenever any instruction in the email looks suspicious.
Always double-check.
TECHnically: Are there any other types?
Gbolabo Awelewa: We also have malware but that has not really caught on in Nigeria.
The way this works is when you download a software or a tool that locks up your computer and you get a message to pay a certain amount in bit coins to regain access to the computer otherwise you cannot use the system again.
The recommendation we give here is first to always have a backed up system so that you don’y have to pay the ransom. Once you pay, they will keep coming back.
TECHnically: What are your top 3 advices to people to stay safe online?
G.A: The first is to always restrict access to only information that is very necessary and to people who are trusted on your social media.
Secondly, do not share you PINs and passwords with anyone.
And finally, always ask when you are not sure. So you don’t run an application you are not sure about; always have anti-virus and keep it updated and do not insert a USB drive you do not trust in you computer.
TECHnically: Has the government played any part in ensuring Cyber security of Nigerians?
G.A: Not really. We do have a cyber security policy but we need to activate it first for it to be useful to protect individuals and businesses.
Leave a reply