In recent years, the Nigerian banking sector has faced a growing threat from cybercriminals. The latest incident involves Guaranty Trust Bank Plc (GTBank), which recently confirmed an attempted cyber attack on its website.
This attack, occurring just a day after the renewal of GTBank’s domain name, temporarily disrupted online services and raised serious concerns about the security of sensitive customer data.
Join our WhatsApp ChannelThe timing of this attack, coinciding with GTBank’s significant capital raise efforts, has highlighted the vulnerabilities that plague Nigeria’s financial institutions.
GTBank’s Cyber Attack: An Attempt to Compromise Data
On the heels of GTBank’s recent public offering, which aimed to raise N400.5 billion, the attempted cyber attack on its website has sent shockwaves through the banking community.
“We want to assure our customers that the attack was unsuccessful,” GTBank stated in response to the incident. The bank confirmed that its website was not cloned and that no customer data was compromised.
They emphasized that no sensitive information is stored directly on their website, and their Information Security team is working to restore full functionality.
The timing of this attack is particularly troubling. GTBank was closing its Offer for Subscription of 9 billion Ordinary Shares, a critical move to meet the recapitalisation target set by the Central Bank of Nigeria (CBN).
The attack raises concerns about the potential risks facing other financial institutions undergoing similar capital-raising efforts.
Rising Cybercrime in Nigeria: A Growing Concern
The incident at GTBank is not an isolated case but part of a broader trend of rising cybercrime in Nigeria.
The Economic and Financial Crimes Commission (EFCC) reported a staggering loss of $706 million to cybercrime in 2022. Ola Olukayode, EFCC Chairman, revealed that over 300 bank accounts were frozen to protect the naira from further cyber threats.
The Nigerian Communications Commission (NCC) corroborated these figures, noting that Nigerian banks lost N8 billion to cybercrime in 2022.
READ ALSO: CBN Warns GTBank, Stanbic IBTC, Others Over Dealings With 6 Countries
The NCC also highlighted that Nigeria loses $500 million annually to cybercriminal activities. These numbers illustrate the severe financial impact of cybercrime on the nation’s banking sector.
In 2021, Nigerian banks reported losses of N193.5 billion ($544 million) due to fraudulent activities, an increase from N153.4 billion ($431 million) in 2020.
The trend continued into 2022, with losses reaching N273 billion ($762 million). Projections for 2023 suggest that these losses could exceed N300 billion ($833 million), signaling an urgent need for enhanced cybersecurity measures across the sector.
The Vulnerability of Nigeria’s Banking Sector
A Financial Institutions Training Centre (FITC) report revealed that Nigerian banks lost N2.72 billion to cybercrime-related activities in the first half of 2022 alone.
Fraudulent loans were the largest contributor, accounting for 94.35 percent of the total losses in the first quarter of 2023, amounting to N5.46 billion. Mobile fraud and computer/web fraud also contributed to the losses, though to a lesser extent.
The report highlighted a decrease in outsider involvement in fraud cases, but a troubling increase in cases involving bank staff. This underscores the internal vulnerabilities financial institutions face, alongside the external threats from cybercriminals.
Emerging Threats and the Path Forward
One of the most alarming trends is the rise of mobile money SIM swap fraud. This type of fraud, which hijacks mobile money accounts, cost telecommunications consumers more than N20 billion ($55 million) in 2022.
The increase in such fraud highlights the vulnerabilities of digital payment platforms and the need for improved security protocols.
Phishing attacks have also become more prevalent, with Nigerian banks being among the top global targets. A 2023 report by Check Point Research detected over 1.3 million phishing attempts in the first half of the year alone.
This rise in phishing attacks calls for greater public awareness and education to help individuals recognise and avoid these scams.
Data breaches at FinTech companies further exacerbate these risks. A significant breach at a leading Nigerian FinTech firm in 2021 exposed the personal and financial information of over 10 million customers, emphasising the need for stringent data protection practices and regulatory oversight.
The IMF’s Call for Action
The April 2024 Global Financial Stability Report by the IMF highlighted the growing concern of cyber risk for macro-financial stability.
The report urges authorities to develop a national cybersecurity strategy, including effective regulation, supervision, and regular assessments of potential systemic risks, particularly from third-party service providers.
It emphasises the need for financial institutions to enhance their cyber hygiene, elevate cyber governance to the board level, and improve data reporting and incident response mechanisms.
The report also stresses the importance of international cooperation in tackling cyber threats that often cross borders. Financial firms are encouraged to develop and test response and recovery procedures to maintain critical services during disruptions.
Strengthening Cybersecurity: A Necessity for Nigerian Banks
As Nigerian banks increasingly move online and embrace digitalisation, the risk of cybersecurity breaches becomes more pronounced.
With financial losses mounting and cybercriminal tactics evolving, financial institutions must bolster their cybersecurity frameworks.
Investing in advanced security technologies, conducting regular security audits, and fostering a culture of cybersecurity awareness among employees and customers are essential steps. Only by adopting these proactive measures can Nigeria’s financial institutions hope to build a resilient defense against the growing threat of cybercrime.
GTBank’s recent cyber attack serves as a stark reminder of the vulnerabilities that plague Nigeria’s banking sector. It is a wake-up call for all financial institutions to reassess their cybersecurity measures and ensure they are prepared to defend against the ever-evolving threats posed by cybercriminals.
As the sector continues to navigate the challenges of digital transformation, strengthening cybersecurity will be paramount in safeguarding both customer trust and the integrity of the financial system.
Emmanuel Ochayi is a journalist. He is a graduate of the University of Lagos, School of first choice and the nations pride. Emmanuel is keen on exploring writing angles in different areas, including Business, climate change, politics, Education, and others.
Follow Us