LSE - Small Logo
LSE - Small Logo

Abuh Ibrahim Sani

October 9th, 2024

Nigeria must tackle corruption to improve its cyber security

3 comments | 32 shares

Estimated reading time: 5 minutes

Abuh Ibrahim Sani

October 9th, 2024

Nigeria must tackle corruption to improve its cyber security

3 comments | 32 shares

Estimated reading time: 5 minutes

Corruption in the Nigerian public sector is a serious threat to the protection of data and infrastructure from cybercriminals in Nigeria, writes Abuh Ibrahim Sani.

Corruption has long been a problem in Nigeria. It affects every aspect of governance, from infrastructure to public services. One area where its effects are becoming more visible is cybersecurity within government organisations. As the country moves toward e-governance and a digital economy, corruption poses a serious threat to the integrity of sensitive data vital for growth and national security. A culture of impunity and lax accountability has exposed the country’s digital infrastructure to serious risk.

Nigeria’s digital transformation and cybersecurity challenges

Nigeria has embraced digitalisation in many areas of its government and business. From the implementation of the National Identity Number (NIN) system to the centralisation of public services on digital platforms, the Nigerian government has made significant investments in digital infrastructure. However, this transition requires the protection of sensitive data, national digital infrastructure, and effective cybersecurity regulations.

Nigeria is vulnerable to cyberattacks, which are exacerbated by the country’s underlying corruption problem. Government databases have been compromised, electoral systems hacked, and personal information taken. The vulnerabilities in Nigeria’s cybersecurity architecture are frequently linked to corruption in government organisations, where poor monitoring, bribery, and fraud hinder the country’s ability to protect its digital assets.

Procurement fraud

Procurement fraud is one of the most prominent forms of corruption among Nigerian government entities. It happens when contracts for essential security infrastructure are allocated based on favouritism, nepotism, or bribery rather than expertise and value. This frequently results in the adoption of subpar or poorly maintained cybersecurity systems that fail to safeguard sensitive data.

A report by the Centre for the Study of the Economies of Africa noted that Nigeria loses approximately $18 billion annually to corruption and financial crimes related to procurement. Many of these losses occur in sectors like IT, where officials award contracts based on bribes or favouritism rather than merit. This creates weak points in critical government systems, exposing sensitive information to exploitation by cybercriminals. The manipulation of procurement processes to certain contractors also limits competition, resulting in subpar cybersecurity measures in government networks.

Critical cybersecurity technologies and services are bought by various Nigerian government entities without proper due diligence, with officials frequently accepting bribes in exchange for handing contracts to unqualified vendors. This has made government systems vulnerable to cyberattacks. In 2023, the Independent National Electoral Commission was chastised for being unprepared for cyber threats, despite having spent large amounts to defend its digital infrastructure ahead of the general elections.

Insider threats

Corruption in Nigerian government organisations also includes insider threats, in which personnel exploit their access to critical systems encouraged by low accountability and weak regulation. This type of corruption introduces major vulnerabilities by allowing attackers to exploit internal flaws, frequently without discovery. Between April and June 2024, Nigerian banks lost £20 million to fraud from internal threats.

Bank workers have altered settlement numbers and added fake amounts, creating challenges for detecting fraud in real time. This showcases how the presence of humans in systems can serve as a significant vulnerability, leaving institutions susceptible to cyber threats even after investing heavily in cybersecurity.

Weak accountability

A lack of accountability heightens all cybersecurity vulnerabilities. In a system where corrupt activities go unpunished, officials have little motivation to implement cybersecurity policies or protect sensitive systems. This culture of impunity has resulted in several cybersecurity disasters, with government officials refusing to accept responsibility for security breaches or lapses. In June 2024, Nigerian citizens’ data were auctioned for N100. Despite public outrage, no substantive investigation was carried out, and no officials were held responsible for the breach. This lack of accountability not only undermines public trust, but it also fosters an environment in which similar breaches can occur without consequence.

The lack of effective supervision systems encourages corruption within cybersecurity authorities. Government audits and investigations into breaches are frequently shallow and focused on damage control rather than addressing the underlying causes of the issue.

Misallocation of resources

To keep up with growing threats, government agencies must make large investments in cybersecurity tools, technologies, and expertise. However, in corrupt systems, cash intended to improve cybersecurity may be embezzled, misused, or diverted for personal advantage. This misappropriation leaves agencies underfunded. These agencies are then vulnerable to cyberattacks because they cannot invest in cutting-edge defences such as artificial intelligence-based threat detection or continuous security monitoring.

National Security vulnerabilities

In today’s linked world, cyberattacks can have disastrous implications, ranging from destroying essential infrastructure to stealing sensitive information. When corruption erodes cybersecurity, government networks become more vulnerable to state-sponsored hackers, cybercriminals, and other harmful actors.

The risks are especially significant in industries such as energy, defence, healthcare, and transportation, where a successful cyberattack might result in widespread disruption or even death. Corruption increases the likelihood of a catastrophic breach with far-reaching ramifications for national security by undermining cybersecurity protocols, mismanaging resources, and allowing insider threats to proliferate.

If corruption in crucial institutions in Nigeria persists and digitalisation increases it could leave critical national infrastructure vulnerable to attacks by states or independent hackers.

Combating corruption

Addressing corruption in Nigeria’s government institutions is critical to improving cybersecurity. One of the first steps toward achieving this is to improve transparency and accountability in public procurement processes, particularly when purchasing cybersecurity equipment and services. Ensuring that contracts are allocated on merit has the potential to greatly strengthen cybersecurity infrastructure.

In addition, it is vital to establish a culture of accountability within government. Whistleblower protections should be improved to promote the reporting of corrupt acts. Implementing new technologies like artificial intelligence and machine learning to monitor internal activities could aid in the detection of insider threats and the identification of patterns of corrupt conduct before they lead to security vulnerabilities.

The implications of corruption are far-reaching, hurting not just national security but also Nigeria’s worldwide reputation. As the country embraces digital transformation, combating corruption in government institutions is critical to protecting its digital infrastructure and sensitive data from cybercriminals and foreign actors. Without a coordinated effort to address corruption, Nigeria’s cybersecurity vulnerabilities will only worsen, making the country susceptible to increasingly sophisticated cyber-attacks.


Photo credit: Pexels

About the author

Abuh Ibrahim Sani

Abuh Ibrahim Sani

Abuh Ibrahim Sani is an IT Specialist at St Raphael's Hospice and the Co-founder of Eybrids. a start-up cybersecurity firm. He is a skilled Cybersecurity Analyst and Researcher with expertise in vulnerability analysis, network security, cloud security, smart contracts, the Internet of Things, and incident management. Abuh is a Board Member of Lumina Literati Publishing.

Posted In: Economics | Technology

3 Comments

Bad Behavior has blocked 2288 access attempts in the last 7 days.