Introduction
The exponential growth in the popularity and use of the Internet due to advantages in speed of delivery, ease of sharing, faster communication, minimal cost, location transparency, and convenience has increased the propensity of individuals and organizations to keep information assets online.
Many individuals store their documents, contacts, and related information online. Groups, organizations, and governments also use online applications to capture, store and process stakeholder transactions, interactions, and information in databases. Also, the global use of electronic commerce combined with online financial payment systems, mobile apps, and electronic learning platforms has made many people live their social and economic life on the internet.
The ease of use, convenience, and convergence of these online platforms has attracted many to a daily use of the internet as the preferred information highway. The adoption of online platforms, contact-less systems, remote working has also been accelerated by the COVID-19 pandemic with drastic changes to culture, interaction, and work processes. Society just found itself in the fourth industrial revolution powered by computer networks, robots, artificial intelligence, BlockChain technologies, the Internet of Things (IOT), etc. All of these have engendered a digital lifestyle in a knowledge economy driven by internet-based networks and technologies.
According to the internet world stats (Miniwatts Marketing Group,2021)[1], a website that shows statistics of global internet usage, as at end of Q1 of 2021, out of an estimated world population of 7.8 billion people, about 5.2 billion are internet users, translating to about 66% penetration rate. Even in Nigeria, it is estimated that about 150 million people are internet users and about 32 million Facebook users, with an estimated population of 200 million people. These figures suggest a high and growing dependence on Information Technology systems and Infrastructure. Therefore, these different systems and infrastructure have become critical assets and any disruption in these services can have serious effects on economic and social lives. This brings up the issue of cyberattacks, cybercrime, cybersecurity, data privacy and protection in a connected society and how to stay safe online.
Definition of Cybersecurity and Cyberattack
According to the IT Governance Institute, UK (2021)[2], Cybersecurity refers to the use of different applications, technologies, procedures, and controls to protect information assets like software, hardware, and devices, network and telecommunications infrastructure from cyber-attacks.
A cyber-attack occurs when an unauthorized user, machine or application tries to gain entry into another machine or system to disrupt normal operations, control, disable, copy or delete information without permission. A cyber-attack can be launched by individual criminals, groups, and syndicates or even government-sponsored hackers. The reason adduced for attacks includes financial gain or plain activism towards a course or believe. Cybercriminals perpetrate their malicious intentions by accessing weaknesses or vulnerabilities in computer systems.
Common cyber-attacks include ransomware, where the victims’ system is encrypted and ransom requested before the system can be decrypted and released for use. Also common are phishing attacks, where victims are tricked to download malicious code that can copy sensitive information like passwords and ATM pass codes. Identity theft, also called credential-based attacks. in which access codes and passwords are stolen and used to gain entry into organizations system to perform unauthorized actions including fraud and disrupting normal operations are also common (TechTarget, 2021)[3]. Using non-technical means like getting close to someone to know their passcode, also called social engineering, is also another prevalent type of cyber-attack.
Causes of Cyberattacks
According to research by IBM[4], 95 percent of all security incidents involve human error. This can happen through skill-based errors or decision-based errors like carelessly double-clicking on an infected attachment or unsafe URL, lack of software patching, using default usernames and passwords or easy-to-guess passwords or even through lost laptops and mobile devices. The UK National Centre for Cyber Security’s (2019) report[5] showed that as much as 45% of users reuse their email password on other online accounts and that 123456 remains the most popular password in the world. It also seems that while many are aware of the consequences of weak or leaked passwords, they do not intentionally obey all cybersecurity rules and regulations in place.