UNIVERSITY OF NIGERIA NSUKKA

FACULTY OF ENGINEERING

DEPARTMENT OF ELECTRONIC AND COMPUTER

ENGINEERING

GSP 208

CYBERSECURITY CHALLENGES IN THE MODERN AGE

200LEVEL

EZEOME UGOCHUKWU EKENEDILICHUKWU

2021/244303

LECTURER: DR. MRS. ONUORAH C. P

 TABLE OF CONTENT

Introduction

Cyber crimes and their threats to cyber security(APC)

Workspace lapses and its consequences

Modern Organisation threats

Solutions to such threats

Conclusion \ Relevance of study

Intoduction

Cybersecurity as defined by IBM refers to any technology, measure or practice for preventing

cyberattacks or mitigating their impact. With the emergence of new technologies, cybercrime has also

been a growing concern in recent years. It is vital for organizations around the globe to stay vigilant and

proactive against the threats to come by continually updating their security protocols and practices. The

greatest threats to cyber security is cyber criminals and the differnet crime they are capable of actualizing.

Cybercriminals are constantly evolving their techniques to exploit new vulnerabilities, resulting in an

increased risk to both individuals and organizations worldwide. The threat landscape is constantly

changing and evolving, with new forms of cybercrime emerging every day

This article will cover:

1. Advanced persistent cyber crimes(APC): The different schemes implemented to commit crimes

online.

2. Cybercrime workforce gaps: Work force related causes

3. Modern Organisation threats

4. Solutions
I. Advanced persistent cyber crimes(APC)

· Business Email

· Phishing

· Ransomware attack

· Banking Trojans and Stealers .

· Online Scams

· Cyber Extortion

· Crimeware-as-a-Service

Business Email Compromise

For the seventh consecutive year, Business Email Compromise (BEC) attacks have been the most

financially devastating cyber threat worldwide. Apart from causing significant financial losses, BEC

scams can also damage an organization's reputation if customers become aware that they have been

affected by such malicious activities. Many of the actors carrying out BEC scams have been found to be

based in West Africa with the target victim of their schemes not confined by geographical borders. These

cybercriminals have become more sophisticated in recent years and have developed ways to avoid

detection by law enforcement by using multiple email accounts and routing funds through international

bank accounts and shell companies. They may also use encrypted communication channels such as chat

apps or dark web forums to further conceal their activities, which makes it even more difficult for law

enforcement agencies to track them down, especially as they may be spread across multiple countries or

jurisdictions. Moreover, some scammers even collaborate with money mules who help launder money
through a variety of shell companies and offshore bank accounts. This enables them to remain anonymous

and puts them beyond the reach of the authorities.

Another factor that contributes to the rise in BEC attacks across Africa especially is the lack of basic

cyber security practices within companies operating on the continent. Many organizations do not have

adequate policies in place for managing access control protocols, authentication processes, or encryption

standards, thus leaving themselves vulnerable to attack through unsecured systems and user accounts with

weak passwords. This means that even if an employee were able to detect fraudulent emails sent by

scammers, there would still be no way for them to protect themselves against the threat they pose as the

proper defences are not in place from the outset.

One of the most common characteristics of BEC attacks is the use of social engineering techniques by

scammers who exploit their understanding of regional culture and language. These actors may

impersonate someone their victims know and create a situation or instantiation of need, leading them to

comply with the requests made in the emails without checking that they are legitimate.

Phishing

Phishing is one of the oldest and most pervasive cyberthreats in existence. It is estimated that up to 90

percent of data breaches are linked to successful phishing attacks, making it a major source of stolen

credentials and information. Phishing techniques have grown increasingly sophisticated over the years as

attackers learn how to target victims with greater accuracy.Attackers can craft messages that appear to be

from trusted sources such as banks, governments, or even friends and family members. These messages

typically contain malicious links or attachments which can lead victims to malicious websites or

malicious files containing viruses or malware. The ultimate aim of phishing attacks is often to gain access

to confidential data such as financial information, passwords, and detailed contact information, amongst

others.

Then this data can be used for financial gain and/or identity theft by selling it on dark web markets or
using it for other malicious purposes such as extortion or furthering other types of cybercrime-related

activities. This makes phishing a significant threat, not only due to the potential financial losses but also

due to the damage caused by the other forms of cybercrime that may result from a successful attack. As

technology advances and attackers become more sophisticated in their techniques, phishing remains an

ever-present threat for organizations and individuals alike. Attackers use social engineering tactics such as

impersonation and scare tactics to increase their chances of success. Also, automated tools such as spam

bots have made it easier for attackers to send large numbers of emails or messages and therefore increase

their chances of success. All these factors combined lead to a continuing and unprecedented level of risk

associated with phishing attacks which makes them one of the most dangerous cyber threats that exist

today. Phishing emails are becoming increasingly sophisticated in terms of both design and content,

making them harder for the average person to spot. Furthermore, criminals have been known to use social

engineering tactics in order to make them appear more authentic. For instance, many scammers will

create fake email accounts using domain names which are similar to legitimate company names in order

to increase their chances of success when targeting unsuspecting users. This can often lead victims to

believe that they are interacting with a genuine representative of the company which is being

impersonated.

Public awareness campaigns and education are lacking, thus citizens are not adequately informed about

these types of scams, nor are they provided with resources and guidance on how to protect themselves

from these cyberthreats. The lack of knowledge surrounding cyber hygiene in Africa especially makes

people even more vulnerable and makes it even easier for those committing these crimes to launch

successful phishing campaigns without detection or reprisals from local authorities. The extent of

phishing attacks can be attributed to the relative ease with which an individual can engage in this criminal

activity. This is due, in part, to the availability of Phishing as a Service (PaaS) on the dark market. For as

little as USD 20, an individual can purchase a phishing kit that comes with all the materials necessary for

launching a successful attack. In addition, video tutorials are provided which demonstrate how to use and
assemble the kit. There are also after-sales service packages with regular updates that help prevent the

criminals’ phishing emails from being detected by modern internet security solutions. Threat actors who

may not have any technical knowledge can therefore launch their own phishing attacks with minimal

effort. These kits may come with code produced by experienced programmers that allow attackers to host

websites without any knowlegde of such and also they include pre-made anti-detection tools and

templates for designing effective emails that can bypass spam filters to reach victims inboxes undetected.

Ransomware

The number of ransomware attacks has been rising steeply over the last few years, and they are now

considered to be one of the most serious threats faced by organizations of all sizes worldwide.

Cybercriminals use this malicious software to take control of an organization’s critical business systems,

encrypt their data, and demand payments in exchange for restoring access. Such attacks can be extremely

costly to businesses, as the financial losses incurred due to downtime and recovery efforts quickly add up.

Companies affected by ransomware attacks also risk significant reputational damage as customer data

may be made public or stolen during such incidents, thus jeopardizing their trustworthiness in the eyes of

customers and other stakeholders. According to IBM’s 2022 Cost of a Data Breach Report , the total

average cost of a ransomware attack was considerably higher than the average cost of a data breach, with

ransomware attacks amounting to a staggering USD 4.54 million compared to the already costly USD

4.35 million for a data breach. The impact of other malicious programs should not be underestimated as

all these threats have the potential to significantly disrupt business operations by encrypting critical data

or systems, resulting in large ransom payments or extensive downtime while organizations struggle to

recover the affected files. A report from Trend Micro revealed that the top five most frequently attacked

sectors include government agencies, education, energy, retail, and fast-moving consumer goods. Another

report observed that critical infrastructure including healthcare and transportation is also targeted.

Data protection and backup tools have improved significantly over time, which has rendered traditional
ransomware tactics increasingly ineffective. When an organization has a backup of their locked data, they

do not need to pay the recovery ransom demanded by the cybercriminals. As a result, these malicious

actors have had to become more creative, developing double and triple extortion ransomware.

The latest evolution has been the development of Ransomware as a Service (RaaS), which allows

cybercriminals to lease pre-developed versions of ransomware which can be used to carry out attacks.

With the availability of RaaS, successful ransomware attacks is made easy for the average actors or

attackers and no longer need to have advanced technical skills and experience. In addition, this type of

service also makes it much easier for attackers to target multiple victims at once due to its scalability and

flexibility. Moreover, attackers can easily adjust their techniques depending on what works best in each

case as they can quickly switch between different versions of malware.

Data shared by 42 countries in the African region revealed that only 59 reports of ransomware cases have

been filed with law enforcement agencies in 11 African countries. The actual situation is believed to be

worse: as many individuals and businesses are unwilling to report these cases to the police, it is estimated

that only a small percentage of ransomware incidents are made public. The reasons for not reporting a

ransomware attack may be the individual’s fear that the data that has been encrypted will lose value, or

businesses not wanting their customers to know that their data has been compromised. Victims often

remain silent about incidents and pay ransoms quietly, while attackers do not always publish data from

compromised networks.

Banking Trojans and Stealers

The African region is seeing an immense surge in the digital technology sector, particularly in financial

technology and e-commerce. This growth is due to increased internet access and improved mobile

penetration, which allows people to access servicesthat were previously unavailable. This has revealed

new opportunities for businesses to grow and expand their operations across the continent. However, this

rapid growth also facilitates attacks in the form of malicious software such as banking trojans or stealers,
which represent one of the greatest threats to both individuals’ security as well as organizations’ cyber

infrastructures. Banking Trojans and Stealers can be installed manually or remotely using social

engineering techniques such as emails containing malicious links or attachments which after intallation

collect personal information from an infected computer and communicate this stolen data via the internet

to a remote server controlled by the attacker. Cybercriminals may use the information obtained to steal

money directly from the victim, or sell the information on underground markets. It has been shown that

this stealer malware is usually distributed through cracked games, applications, and services, with the

intent to steal sensitive information such as web browser data, cryptocurrency wallets, and application

credentials for users of popular programs such as FileZilla, Discord, Steam, Telegram, and VPNs.

Banking trojans and stealers pose a real threat in Africa especially which needs to be taken seriously if

citizens are to be protected from the financial losses that result from stolen funds or identity theft as such

Citizans should be proactive and keep their online security measures up to date in order to deter potential

attacks.

Online Scams and Extortion

Online scams include a wide range of fraudulent activities in the digital sphere. Advance payment/non-

delivery scams, shopping scams, romance scams, sextortion, tech support scams, and cryptocurrency

scams are among the most common online scams and are becoming increasingly prevalent in the African

region.

In advance payment scams, fraudsters ask for financial deposits before delivering goods or services.

Criminals usually use this to collect money from unsuspecting individuals and then disappear without

providing any goods or services.

Shopping scams involve attackers attempting to deceive online buyers into believing they are purchasing

genuine products at discounted prices instead of these victims receive counterfeit items or nothing at all.

Romance scams occur when fraudsters build an emotional connection with an unsuspecting person by
creating a false identity on a social media platform or dating website. After establishing trust and gaining

access to personal accounts, the criminal uses this relationship to request money from their victim under

false pretences, or steal sensitive information such as passwords and bank account details.

Sextortion is another concerning type of online scam – a hybrid form of romance scam – where criminals

blackmail victims by threatening to share intimate images or videos unless a ransom is paid.

Tech support scams are a type of fraud inwhich criminals pose as legitimate representatives from

technology companies offering technical assistance in order to gain access to users computers and extract

valuable data such as passwords and financial information. Criminals may employ several strategies such

as cold calls, pop-up ads, bogus emails, or automated messages claiming that users computers are infected

with malware in order to convince their victims into allowing remote access to their systems.

Cryptocurrency scams take advantage of the increasing popularity of cryptocurrencies such as Bitcoin and

Ethereum by enticing investors into buying fake currencies. Cryptocurrency scammers have also been in

use of tactics such as creating fake wallets and exchanges in order to steal funds from unsuspecting

victims.With billions of users everyday usage skyrocketing, social media platforms have become a

lucrative target for cybercriminals and scammers. Although people’s attitudes towards social media have

changed in recent years, their behaviour has not changed. Many users are still operating under the same

assumptions about the way their personal information is handled, which leaves them vulnerable to

attacks.

Crimeware-as-a-Service (CaaS)

Crimeware being offered as a service – is something cybersecurity experts, law enforcement communities

and other stakeholders involved in digital security have always been aware of. CaaS has made it possible

for cybercriminals to offer their malicious code as a “service” to other criminals, who use it to perform

malicious activities. By offering crimeware via a CaaS modeaffordable cost. The ease with which they

can subscribe to such services, or even use them on a ‘pay per-usel, cybercriminals can now provide
access to a wide range of malware variants at an ’ basis, allows them to quickly deploy malware on a

global scale without the need for any specialized technical knowledge. These services also enable

attackers to stay anonymous, as most providers guarantee complete anonymity throughout the transaction

process.

II. Cybercrime workforce gaps

As new cybersecurity threats continue to loom, the industry is running short of workers to face them. The

2022 (ISC)2 Cybersecurity Workforce Study identified a 3.4 million worldwide cybersecurity worker gap.

The total existing workforce is estimated at 4.7 million. Yet despite adding workers this past year, that gap

continued to widen.

Nearly 12,000 participants in that study felt that additional staff would have a hugely positive impact on

their ability to perform their duties. More hires would boost proper risk assessment, oversight, patching of

critical systems and proper system configuration.

Many factors have contributed to this gap in essential cybersecurity workers. Some of the top reasons the

survey identified were a lack of internal promotion opportunities, struggles with turnover and attrition,

budget issues and a lack of qualified talent.

Unfortunately, misconceptions and complexity have built a wall around the industry. This, at least in part,

may explain the high percentage of people with university degrees working in cybersecurity fields. In

fact, 82% of the workforce have a Bachelor’s or Master’s degree.

That level of formal education may have been necessary in the past, but the industry requires all types of

workers right now. The first step to closing that worker gap will be to ensure that the public understanding

of “cybersecurity” is properly dispersed. Core skills aren’t coding or highly advanced math; core skills are

problem-solving, investigative thinking, dedication and hard work.

The cyber security workspace requires problem-solving abilities and related work experience as the

basis. Certification and other qualifications are secondary therefore I believe both somebody with a high

school diploma but has managed computers and IT systems since they were a teenager, making mistakes

along the way but solving them with passion and curiosity and a person with a cybersecurity degree who

read about the field in a book, spending limited time with hands on a keyboard are both in the pool of

qualified people to fill up these gaps. Some positions require a strong mix of experience, paper

qualification and/or validation, and years of battle hardening. For instance, a CISO or senior-level SOC

analyst will almost certainly have done time in the trenches.

But some positions grant some low-risk, hands-on experience. If an organization finds a candidate with

sincere curiosity, problem-solving skills and the appropriate soft skills, their paper qualifications may not

matter. Rather, what will determine success is the organization’s ability to train the individual on the

necessary tools and the core technical competencies required to complete the job.

Training can bridge the gap, thats by giving enthusiatic individuals opportunties to learn on the job from

other employee the skills required to take on tasks. Thus this means the if certain cyber sercurity

workspaces require more workforce then other than the cerficate holders and managers who were

screened into their various jobs, Certain individuals with good work ethic and passion for the occupation

and learning should be employed as apprentice to learn on the job and gain irreplaceable hands on

experiences which can substitute for degree holders in the long run and increase workforce.

III. Modern Organisation threats

Malicious, negligent and compromised users are a serious and growing risk. As the 2022 Cost of Insider

Threats: Global Report reveals, insider threat incidents have risen 44% over the past two years, with costs

per incident up more than a third to $15.38 million. The purpose of this research is to provide guidance on

what insider threat can cost an organisation.

Here are just a few highlights from this year’s report:

The cost of credential theft to organizations increased 65% from $2.79 million in 2020 to $4.6 million at

present.

The time to contain an insider threat incident increased from 77 days to 85 days, leading organizations to

spend the most on containment.

Incidents that took more than 90 days to contain cost organizations an average of $17.19 million on an

annualized basis.

These reports were highlighted by the proofpoint and ponemon institute and the entire article can be view

on the Ponemon 2022 insider threat Report

IV. Solutions

To effectively combat these threats, a well-structured cybercrime and cybersecurity mechanisms should

be implemented. Having policy, legislation, and agencies in place can provide an appropriate level of

response to the broad range of cyber threats and incidents that are faced by countries worldwide.

The principle of least privilege(PoLP) should be utilized which is a fundamental concept in cybersecurity.

It is the practice of limiting access to resources for members of an organization. Thus every person in an

organization should only have enough permissions to do their particular job functions. Nothing less,

nothing more. This helps to minimize the risk of unauthorized access to sensitive data and systems.

Law enforcement agencies should also consider investing in strengthening their capacity to combat

cybercrime and cyber enabled crime through;

· Reviewing cyber-related investigation unit and digital forensic unit capabilities

 · Enabling tools such as Big Data Analytics and crypto-tracing

· Building external relationships with major industry entities for better information sharing and the

exchange of expertise

· Developing Standard Operation Procedure(SOPs) for investigations and forensic examinations

· Centralizing digital forensics tools using a service centre model that serves all parts of the

policing agency, with benefits in terms of knowledge transfer and individual specialization, and

efficiency gains in terms of procurement

· For scalability, an e-learning platform comprising cybercrime and digital evidence content should

be developed.

Conclusion

The security vulnerabilities of the modern era are numerous and with the new technologies being brought

into fruition, it is intergral that measures are taking to prevent attackers from bypassing access controls.

The relevance of such studies in the enlightment of users, organisations and workers cannot be over

estimated. Cyber crime remains one of the greatest economic threats to businesses world wide by utilizing

security vulnerabilities in order to gain access to sensitive information or financial assets, and this results

in billions of dollars’ worth of losses each year. In today’s increasingly digital world, the sooner countries

are aware of a threat, the sooner they can take steps to mitigate the risks and neutralize any cyberthreats

they face.
Bibliography

INTERPOL. (2023). African Cyberthreat Assessment Report 2023: Cyberthreat Trends

https://cybilportal.org/publications/african-cyberthreat-assessment-report-2023-cyberthreat-trends/

Ponemon Institute. (2022). Cost of Insider Threats Global Report.

https://www.proofpoint.com/us/resources/threat-reports/cost-of-insider-threats

IBM Security. (2019, August 20). Bridging Workforce Gaps: How to Build a Cybersecurity Talent

Pipeline. Security Intelligence. https://securityintelligence.com/articles/bridging-workforce-gaps/

Afshar, V. (2022, April 21). Cybercrime threatens business growth.

https://www.zdnet.com/article/cybercrime-can-be-the-biggest-threat-to-business-growth/

Cross-site scripting. (2023, January 8). In Wikipedia. Retrieved January 8, 2024, from

https://en.wikipedia.org/wiki/Cross-site_scripting