Nigerian Harmonized Cyber Security Bill Essay Example
Nigerian Harmonized Cyber Security Bill Essay Example

Nigerian Harmonized Cyber Security Bill Essay Example

Available Only on StudyHippo
  • Pages: 13 (3525 words)
  • Published: December 28, 2017
  • Type: Case Study
View Entire Sample
Text preview

The paper discusses various types of cyber-crimes, such as hacking, data theft, spreading viruses and worms, identity theft, yahoo attack, and cyber terrorism. It explores the causes and effects of cyber-crime on banking, transactions, and reputation. Additionally, it addresses the measures in place to reduce cyber-crime. These types of cyber-crimes have been extensively studied in literature and have been encountered by bankers and financial institutions.

In developing countries such as Nigeria and Ghana, cybercafes have gained notoriety for engaging in illegal activities including hacking, data theft, distributing viruses or worms, committing fraud, stealing identities, launching yahoo attacks, and participating in cyber terrorism. Hacking is the act of unauthorized attempts to bypass security measures on information systems or networks. In simple terms, it involves accessing computer systems, programs, data, and network resources without permission. Originally, the t

...

erm hacker referred to a highly skilled programmer.

As of late, the easier access to multiple systems has led to negative consequences. Acts such as unauthorized disclosure of access codes, interference with people's systems, device misuse, denial of service, and records retention are considered criminal under Nigeria's Harmonize Cyber Security Bill of 2011. Those found guilty may face imprisonment or fines. Hacking offenses can be prosecuted with the permission of the court and have serious consequences determined by the magistrate.

Regrettably, Ghana lacks legislation specifically addressing these types of crimes, unlike Nigeria. The Police in Ghana still rely on conventional crime laws related to false pretence, specifically Section 131 of the Criminal Code Act 29/60 and its associated statutes. Offenses committed under these laws are classified as boilable offenses and are subjected to lesser punishments, which ultimately fail to dete

View entire sample
Join StudyHippo to see entire essay

cyber fraudsters effectively.

The act of data theft is on the rise, especially among office workers who have access to various technologies such as desktop computers and handheld devices that can store digital information. Flash drives, pods, and digital cameras are examples of these devices. In today's world, the consequences of data theft can be significant because large files can be easily transmitted through email, web pages, USB devices, DVD storage, and other portable devices. It is important to mention that sections 2-18 of the Harmonize Cyber security Bill 2011 in Nigeria make both data theft and data forgery illegal.

According to the Information Technology (Amendment) Act, 2008, data theft refers to the unauthorized act of downloading, copying, or extracting any data, computer database, or information from a computer system or network. This also includes accessing information stored in removable storage mediums without permission from the owner or authorized person.

Law ; Punishment: Under the Information Technology (Amendment) Act of 2008, the combined application of Section 43(b) and Section 66 is relevant. Additionally, offenses related to data theft are also applicable under Sections 379, 405, and 420 of the Indian Penal Code of 1860. It is important to note that data theft offenses are considered cognizable and boilable, subject to permission from the court handling the prosecution. Any magistrate has jurisdiction over such offenses. The act of spreading viruses or worms can cause significant harm as intended by their creators. These malicious programs can transmit your data to a third party and subsequently erase it from your computer.

The capability to harm and disrupt your system, rendering it inoperable unless the operating system is

reinstalled, is possessed by viruses. Although many viruses have not caused significant damage previously, they could easily do so in the future. Typically, a virus will place files on your system and modify it to automatically execute the virus program upon startup. It will then attempt to reproduce itself by sending itself to other potential victims. According to Section 2 - 18 of Nigeria's Harmonize Cyber Security Bill 201, it is illegal for an individual to gain unauthorized access to another person's computer and interfere with their system.

According to the Information Technology (Amendment) Act of India, 2008, the provisions of Section 43(c) ; 43(e) and Section 66 apply. Additionally, Section 268 of the Indian Penal Code, 1860 is also applicable. Offenses such as spreading of viruses are considered serious crimes and are punishable under the law. They are treated similarly to data theft and are considered cognizable offenses. With the permission of the court handling the prosecution, these offenses can be compounded. Fraud and identity theft involve the act of impersonating someone else and obtaining important personal information illegally.

Identity theft, as seen in Ghana (Boating et al., 2011), involves creating a fraudulent bank weapon to obtain someone's account information. The process is straightforward - unauthorized individuals gain access to personal information and exploit it for their own gains. This can include accessing ATMs and utilizing the obtained information to make significant financial gains. In Nigeria, individuals design deceptive web forms where users are asked to provide their personal details, such as pin numbers. These details are then used for criminal activities (Hosannas, 2011).

The Nigeria Harmonize Cyber Security Bill of 2011, in Sections

2-18, addresses crimes committed through computers, including identity theft and unauthorized access to personal computers. The Information Technology (Amendment) Act of India of 2008 defines identity theft in Section 66-C as the fraudulent or dishonest use of someone else's electronic signature, password, or other unique identification feature. Identity theft involves fraudulently assuming another person's identity to obtain money or other advantages.

According to the Identity Theft Resource Center (DIRT), identity theft complaints were the top complaint for the Federal Trade Commission (FTC) in 2012, with a 32 percent increase from 2011. This has been the most common complaint for 13 consecutive years. A survey by Javelin Strategy & Research showed a 13 percent increase in identity theft cases in 2011 compared to the previous year, resulting in a total of 11.6 million victims in the United States. It is important to recognize that any industry using personal information for credit or customer acquisition purposes can be susceptible to identity theft.

The increase in a previously uncommon type of crime, fueled by technological advancements, has made it a major concern for the public. This particular crime is insidious and inflicts genuine trauma on consumers, with statistics indicating that its occurrence is increasing. It is estimated that between 500,000 to 700,000 people fell victim to identity theft in 2000. The extensive proliferation of identity theft has earned it the title of the new millennium's crime. The National Fraud Center reported that investigating identity theft cases in 1997 incurred costs amounting to $745 million.

According to the National Fraud Center, identity theft costs approximately $50 billion per year. In response to this, Travelers Property Casualty Corp has introduced

insurance coverage specifically for victims of this crime. This coverage offers policyholders up to $15,000 to cover expenses related to resolving their identity theft problem. The National Fraud Center (2010) states that around 11% of all e-commerce transactions are attributed to identity theft. Furthermore, the Yahoo attack, also known as the 419 attack, is considered a criminal offense under section 419 of the Nigerian criminal code and carries legal penalties.

The text examines the utilization of e-mail address harvesting applications, like web spiders or e-mail extractors, to acquire e-mail addresses from Internet access points. These tools have the capability to automatically fetch e-mail addresses from web pages. The text additionally warns about Nigerian fraud letters that entail impersonation scams employing an advance fee technique. In this scam, individuals receive an e-mail from Nigeria providing them with the opportunity to partake in a percentage of money that is allegedly being withdrawn from the country (Brenner, 2010).

Cyber terrorism, as defined by Parker (1983), involves launching attacks on government or organizations to distort or access stored computer and network information. It encompasses acts of terrorism conducted through cyberspace utilizing computer resources. In simpler terms, cyber terrorism refers to any act that instills fear by accessing and altering valuable information in organizations or government bodies using computers and the internet.

Cyber extortion is a form of cyber terrorism that involves hackers targeting websites, e-mail servers, and computer systems. Their goal is to disrupt services and demand ransom. In recent years, there has been an increase in cyber extortion attacks on corporate websites and networks, leading to operational disruptions and the need for payment to restore services (Hosannas et

al., 2011). Cyber extortion is driven by multiple factors, similar to other criminal activities.

Normalization theories can be used to explain the factors, with other poverty theories also relevant in discussing crimes, particularly cybercafes (Bradshaw, 2006). The following factors - arbitration, unemployment, and weak legislative regime - are raised for the purpose of this discussion. Arbitration, which involves the movement of people from rural settlements to cities, is one of the causes of cyber-crime in Nigeria and Ghana.

Urban growth, whether it occurs horizontally or vertically, leads to increased competition among the growing population, particularly the elites. As a result, the elites are drawn to invest in cyber crime due to its low capital requirements, earning them the nickname "IMHO Boys" (Meek, 2012). In Nigeria, cyber crime is predominantly caused by arbitration. Achieving beneficial arbitration is only possible if cities experiencing population growth can generate good job opportunities. Without crime-free arbitration, this goal becomes unattainable.

The cybercafe business is appealing to elites as it requires less investment capital. Unemployment and economic difficulties have contributed to the prevalence of cyber-crime. Ghana and Nigeria are experiencing population growth that does not align with employment opportunities, creating a significant divide between the wealthy and the poor. Many individuals are driven to pursue rapid financial gain in order to bridge this gap, as businesses must experience substantial and low-risk returns in order to employ more people.

Most cyber criminals thrive in environments that require less investment and offer favorable conditions. Nigeria is such an environment, leading to a significant number of cyber criminals taking advantage of it. The weak implementation of cyber crime laws and the lack of equipped

law agencies in Ghana and Nigeria necessitate the implementation of stringent laws to deter cyber criminals. Offenders must be punished for their crimes, as cyber crimes diminish a nation's competitive edge and there is a need to prosecute these criminals. Additionally, cyber criminals can exploit the gaps in the existing punishing procedures.

Both Ghana and Nigeria have weak and fragile laws when it comes to cyber criminals. Unlike armed robbers who are treated with maximum penalties, these nations lack the necessary sophisticated hardware to effectively track down virtual forensic criminals. According to Laura (2012), African countries, including Nigeria, have been criticized for their inadequate handling of cybercafes due to law enforcement agencies lacking personnel, intelligence and infrastructure, and the private sector falling behind in curbing cybercafes.

To ensure the proper implementation of laws against cyber-crime, it is crucial for the nation's legislation to take action. The effects of cybercafes can be challenging to calculate as they involve direct and indirect costs, and have both quantitative and qualitative impacts.

Despite being enormous and difficult to address, the effects of cybercafes on banks, financial institutions, organizations, and countries are significant. These effects, which include damage to goodwill and reputation, have been discussed below. Cybercafes have reduced the competitive advantage of individuals and both private and public businesses, resulting in substantial financial and physical harm caused by computer crimes.

Cyber-crime results in global annual losses of billions of dollars, posing a threat to national security and financial well-being. Companies may experience losses from computer crime as hackers steal information for rival companies, thereby weakening their competitive advantage. Furthermore, IT personnel spend considerable time addressing and resolving harmful

incidents caused by computer criminals, leading to time wastage and hindered financial growth.

The organization should have made a profit from the time spent. One specific problem occurs when a hacker infiltrates an organization and steals confidential information. This causes the individuals who trust the company to lose confidence in it, as the company may possess sensitive information like customers' credit card details. Since the information has been stolen, customers will no longer trust the company and will seek out another provider who can safeguard their confidential data (Hosannas et al. 2011).

Additionally, computer crime hampers productivity and adds to overhead costs. Implementing measures to minimize cyberattacks, such as increasing password requirements, takes time and hinders productivity. Furthermore, combating computer crime becomes an ongoing expense, as companies must invest in robust security software and frequently update it to defend against cybercriminals. This incurs additional costs in order to reduce the likelihood of attacks from such criminals.

Companies often experience defamation of their reputation and decreased valuation when it becomes public that they have been hacked. This is typically manifested through a drop in stock prices and a loss of customer confidence. These losses, which can range from 1% to 5%, are not permanent as stock prices tend to recover by the following quarter. Thus, it would be inaccurate to factor in these fluctuations in stock prices when calculating overall losses.

Interestingly, it remains to be seen whether the changes resulting from new SEC regulations, which mandate companies to disclose significant hacking incidents, will increase shareholders' comprehension of commercially important hacks. Shareholders are skeptical about having access to comprehensive information regarding the data stolen, and they are

unaware of the responsible parties and their motives.

The recovery of stock prices may not be quick if investors perceive a significant damage to a company's intellectual property portfolio or a substantial loss of customers, as stated by the Center for Strategic and International Studies (2013). Financial institutions and banks have been trying to address the issue of cybercafes, but their efforts have had limited success with some progress made.

The initiatives include internet banking, fraud prevention systems, and the use of automated teller machines (Atoms). Traditional methods for detecting fraud have focused on identifying typical or unexpected online customer requests. To deter fraud, banks need to improve visibility and raise awareness among customers about criminal activities. This approach, called situational awareness, involves placing individual transactions within a larger context to protect against fraudsters. Banks are enhancing customer visibility across different lines of business, coordinating between channels, implementing advanced identification technologies, tracking hostile devices, and using link analysis tools to identify connections between unrelated events. Given the prevalence of Distributed Denial of Service (Dodos) attacks, all online organizations now have or plan to implement defense mechanisms.

Banks are working together with their Internet Service Providers (ISPs) and hosting service providers to fight against fraudulent activities in internet banking. They are examining the various mitigation services provided by these providers to identify the most appropriate technological strategies. While certain banks prioritize safeguarding their own applications instead of depending on customers to secure their devices, educating customers is still crucial.

In addition to taxation, many banks are implementing government-compliant solutions that offer insight into the crimes being committed against their customers' accounts. This helps them avoid getting

distracted by attacks. Typically, fraudsters access a set of accounts, gather information and transfer money before launching a Distributed Denial of Service (Dodos) attack to divert attention.

Many banks have added additional security layers to their internet banking operations to detect fraudulent activity in compromised accounts. However, some banks are still determining which security measures to invest in and the potential trade-offs they may face in relation to cybercrimes.

Banks implement specific protection measures for institutions, including hardware identification, access control software, and disconnecting critical bank applications. However, it is important to remember that computers themselves do not commit crimes; it is people who do. The main advantage for perpetrators lies in the inadequacy of the system's protectors. Nonetheless, proper internal controls can minimize the opportunity for fraud (Oilcan's, 2011).

Both government bodies and banking institutions recognize the importance of implementing protective measures, especially at a national level.

Consequently, they are enacting laws that specifically target computer-related crimes like internet banking fraud. Additionally, financial institutions are actively educating the general public about these types of crimes (2011).

Currently, many banks have the ability to identify compromised data usage. They achieve this by detecting unauthorized devices attempting to access an account or when a cluster of unauthorized devices are active across multiple accounts. If all banks implement this approach, it will serve as a powerful tool for safeguarding both the bank and its customers against financial losses (Oilcan's, 2011).

To combat cybercafe fraud, various measures have been implemented, including the use of fraud prevention systems. Governments, organizations, and individuals all play a role in fighting against internet fraud. It is crucial for consumers and service users

to stay vigilant after an incident as attackers may employ social engineering tactics to deceive unsuspecting victims into revealing confidential data. This information can be exploited to establish new accounts or take control of existing ones (Britton, 2013).

In light of recent attacks, it is crucial to regularly change passwords for online accounts and refrain from using the same password for multiple transactions. Certain companies offer periodic education to their customers in order to stress the significance of consistently updating passwords. This practice is essential in minimizing the likelihood of becoming a victim of online fraud. Employing a single password across various institutions can amplify the impact of a breach, potentially impacting other financial institutions, e-commerce sites, and social networks.

Financial institutions have implemented measures to counter fraud, including identifying infected devices and helping customers clean their devices, due to instances of scams. Some banks are currently engaging in this practice, while it is expected that all other financial institutions will adopt similar approaches in the future.

Efforts are currently being made to establish a robust fraud prevention environment. This includes addressing different aspects of fraudulent activities such as money mules and cashing-out services. There is also a focus on standardizing and advancing software components that can be used for specialized fraud campaigns. Moreover, stolen credentials and detailed victims' narratives are now available in a standardized format, either for rent or as part of an "fraud-as-a-service" model on an hourly basis. At present, several organizations are conducting mass education campaigns to educate their customers, highlighting the importance of avoiding opening emails from unknown sources, refraining from sharing personal information over the phone, understanding the risks

associated with clicking on email links, regularly changing passwords, and not using the same password for multiple accounts.

Organizations are gradually improving their knowledge of compromised or aggressive devices through Risk Assessment. They are also striving to achieve Account-Centric Awareness, which involves identifying and linking events within an account, particularly those related to account maintenance requests. Cross-Channel Awareness is another area of focus, where events across different channels and lines of business are correlated. Furthermore, Big Data Analytics is used to discover patterns in the vast amounts of operational data collected by businesses. In addition, as networked devices and online government services become more widespread, it becomes essential for governments to take the lead in addressing cyber crime at a policy level.

In 2010, the Home Department of United Kingdom expressed their belief in the need to enhance the fight against cyber crime at the government level. They aimed to achieve this by ensuring a coordinated response in line with the strategic objectives outlined in the UK Cyber Security Strategy. As a result, the Office of Cyber Security was established within the Cabinet Office. This office is responsible for coordinating the overall response to internet threats and leading a comprehensive program to safeguard the UK's interests in cyberspace. Furthermore, there is a growing global consensus on implementing measures to create an inhospitable environment for cyber criminals.

Various provisions have been made to address cyber crime, including the establishment of effective law enforcement units and the sharing of intelligence when necessary. Efforts are also being made to understand the extent of cyber crime and facilitate reporting systems for both the public and businesses. Additionally, there is

a focus on protecting children and young people from online harm and abuse through regular strategic assessments. Collaboration with the internet industry is crucial in developing tools and tactics that enable law enforcement to detect and pursue online criminals, even as technology evolves. The rise of cyber cafes, alongside technological advancements like Automated Teller Machines (ATMs) and Internet banking, have posed challenges in combating cyber crime globally. As more interactions become machine-to-machine, computerization becomes inherent in cyber interactions.

Fraudsters can establish a systematic procedure after acquiring the necessary credentials, granting them automatic access to multiple accounts. This allows them to assess the accounts' balances or credit lines and determine which ones are suitable for targeting. By utilizing electronic communication, the fraudulent process can be divided into individual steps that various components of standardized fraud software can execute. This standardization also encompasses data formats, simplifying collaboration and information exchange among fraud rings. In summary, cyber-crime is an extensive concept encompassing criminal activities conducted through computers, the Internet, cyber space, and the worldwide web.

The various forms of cyber-crime include hacking, data theft, spreading viruses or worms, fraud like identity theft, cyber terrorism, and the Yahoo Attack. The causes of cyber-crime include arbitration, unemployment, weak implementation of cyber crime laws, and inadequate equipped law agencies. The effects of cyber-crime include reducing the competitive advantage of organizations, time wastage and slowed financial growth, slowed production time and additional overhead costs, and defamation of reputation for companies, especially banks. When the public discovers that a company's system has been hacked, it can result in a drop in stock prices and loss of customer trust.

Get an explanation on any task
Get unstuck with the help of our AI assistant in seconds
New