The cyber space is one of the fastest-growing areas of technical infrastructural development. Over the past decades, the sporadic growth of the internet has turned our world of global village into a chat room. Without a doubt, the cyber space is boundless to internet users, thereby creating implication and challenges to Nigeria’s national security. This prompted Nigerians from all works of life, especially cyber security professionals to propose and facilitate the passage of cyber crime act into law by the National Assembly, which was subsequently signed into law by the administration of former President Goodluck Jonathan. Sequel to this development, I therefore, deemed it necessary to congratulate all distinguished Senators of the 7th Senate Assemble of the Federal Republic of Nigeria for achieving this great landmark.
The world today accounts for over 3 billion active internet users of which Nigeria contribute to over 70 million active internet subscribers with over 13million active accounts in social media according to an online media analyst ‘We are Social’.
Nations all over the world are facing different forms of contemporary security challenges of all kinds, ranging from Land, sea and air without forgetting the cyber space which Nigerian security agencies has almost considered as phantom warfare. The 21st Century information age has been bedevilled with series of cyber warfare which occurs in the cyber space with great implication to our technological driven infrastructures. A Pakistani army general once quoted that “attaining one hundred victories in one hundred battles is not the pinnacle of excellence but subjugating the enemy’s army without fighting is the true pinnacle of excellence.” Therefore, with the passage of the cyber crime bill it is now imperative for the Nigerian Armed Forces precisely the Nigerian Army to, in collaborative effort with the National Security Adviser (NSA) establish a Cyber Command that will combat any internal or external threat of information warfare as well as strengthen it’s capacities of cyber warfare.
The aim of this paper is to highlight the features of the Nigerian Cyber crime bill, its objectives and the role of the Nigerian Armed Forces in collaboration with the NSA to secure the Nigerian cyber space. The paper also seeks to make recommendations to the NSA, on the need to incorporate an institutional framework of cyber security agency to implement the mandate of protecting computer systems and networks, electronic data, national critical infrastructures and computer programs of intellectual property in Nigerian.
DEFINITION OF TERMS
Cyber crime is a criminal activity involving the information technology infrastructure, including illegal access, illegal interception (by technical means of non-public transmission of computers data to, from or within a computer system) , data interferences (unauthorised damaging, deletion, deterioration, alteration or suppression of computer data), systems interferences (interfering with the functioning of a computer system by inputting, transmitting, damaging, deleting etc) forgery (ID theft) and electronic fraud.
Cyberspace refers to a domain characterized by the use of electronics and the electromagnetic spectrum to store, modify, and exchange data via networked systems and associated physical infrastructures. In effect, cyberspace can be thought of as the interconnection of human beings through computers and telecommunication, without regard to physical geography. Therefore it is a boundless space known as the internet.
Cyber warfare this conjures up images of information warriors unleashing vicious attacks against an unsuspecting opponent’s computer networks, wreaking havoc and paralyzing nations.
Cyber-security defines a body of checks put in place for the protection of the cyber space from the said offences or attack which can be referred to as cyber crime depending on the level of impact. Knowing the objective of this already signed law, it is therefore imperative for the office of the NSA to institutionalize an agency (National Cyber Security Agency) to enforce this law and regulate the use of the Nigerian cyber space.
OVERVIEW OF CYBER CRIME AND NIGERIAN ARMED FORCES PREPAREDNESS
It is needless to say that cyber crime popularly called ‘Yahoo Yahoo’ in the Nigerian context is an off shoot of advanced fee fraud. In Nigeria advanced free fraud became popular in the early ‘90s. Over the past decades, cyber security professionals have witnessed several levels of cyber crime ranging from intrusion, hacking, electronic fraud and all forms of cyber related offences. On 16 March, 2015, in Lagos – Nigerian banks declared that they have lost a total of N199 billion to electronic related fraud between 2000 and 2014, mostly due to inappropriate and reckless management of customers’ data. They also noticed other forms of cybercrimes which include system hacking, e-mail bombing, diddling, viruses, spoofing and similar attacks capable of breaching the security in the information systems of vital installations. Acknowledging the enemies geo-strategic location/existence is the first principle of war in all forms of warfare.
Though our security agency might perceive cyber offenders or the risk of a cyber warfare on our national infrastructure as phantasmagorical more or less imaginary, but truth is that these offenders know our geo-strategic existence and capability more than we know theirs, and they know when, where and how to attack. Example is the hacking of INEC website prior to election result announcement and deface of Defence Information News blog used in informing the public of recent Military gains on counter insurgency operation in the North east. Illustration as shown bellow.
Recent in this trend is the use of social media to recruit radicals to join the Islamic State of Iraq and Syria a.k.a ISIS a terrorist group that the Boko Haram sect, which is a contemporary security challenge to Nigeria, pledged allegiance to. There is therefore the tendency for the Boko Haran sects to adopt same ISIS recruitment strategy, which the FBI has already made some findings of the existence of a CYBER CALIPHATE within the cyber space.
Jan 23, 2015, witnessed the defacing of the DHQ website of which the suspect attributed his gains to the Boko Haram sect (Cyber Caliphate). This alone is a threat to our national security though his action was taken to be that of a religious fanatic. This individual goes by the screen name Maniak k4sur, research shows that this hacker is also responsible for hacking, defacing 2 Major police & 8 NASA websites in the United States. Someone of this age, with these skills, educational background and claims should not have been taken for granted. His twitter handle on social media is still active and generating followers and no doubt his followers are Nigerians probably some of his ISIS fans and Islamic radicals. The boundless nature of cyber space is a serious challenge and should be treated with all sense of seriousness.
OBJECTIVES OF THE CYBER CRIME ACT
The act among others, provide an effective and unified legal, regulatory and institutional framework for the prohibition, prevention, detection, prosecution and punishment of cyber crime offenders in Nigeria. Furthermore it will ensure the protection of critical national information technology infrastructure, promote cyber security and guarantee the protection of computer systems and networks, electronics communications, data and computer programs, intellectual property and privacy rights which include the right to transact business online without the fear of electronic fraud.
CYBER OFFENCES AND PENALTIES
The agency and its constituent cyber command will be fully equipped with legal penalties to cyber offenders, as promulgated by the law, some of which are enumerated bellow:
A person, who with intent, commits any offence punishable under the act against any Critical National Information Infrastructure designated under section 3 of the act, is liable on conviction to imprisonment for a term of not more than 10 years without option of fine. Where the offence committed results in grievous bodily harm to any person the offender is liable on conviction to imprisonment for a term of not more than 15 year without any option of fine. Where the offence committed results to the death of a person the offender is liable on conviction to life imprisonment.
A person who, without authorization, intentionally accesses in whole or in part a computer system or network for fraudulent purposes and obtains data vital to national security is liable on conviction to imprisonment for a term of not more than 5years or a fine of not more than 5 million or both.
A person who unlawfully destroys or aborts any electronic mail or process through which money or valuable information is being conveyed, commits an offence and is liable on conviction to a term of imprisonment for seven years in the first instance and upon second conviction is liable to 14 years imprisonment.
Furthermore, a person or organization that knowingly and intentionally traffics in any password or similar information through which a computer or system network may be accessed with lawful authority, and where by such trafficking affects public, private or individual interest within or outside the federation of Nigeria, commits an offence and is liable on conviction, to a fine of not more than 7million or imprisonment for a term of not more than 3 years or both.
EMERGENCE OF RADICALIZATION GROUP IN THE CYBER SPACE
Study reveals that a group of brutal marauders, unparalleled in Mesopotamia since the time of the Mongols have been crucifying, raping, pillaging and beheading their way across Iraq and Syria and gleefully posting videos and pictures of the slaughter on Youtube, Facebook, twitter and Instagram for their devoted followers worldwide to revel in. ISIS is not just a movement- It is an event. In just a few years of existence ISIS has upended the geography of the Middle East, drawn America back into the region and quite possibly changes the course of the world history in the process, now a growing global phenomenon that profoundly threatens America from within and without. Study also reviewed that a Michigan-based Islamist cheerleader, Sheikh Ahmad Musa Jibril, is now the most “liked” personality on Facebook and the world’s most powerful recruiter for Westerners looking to join ISIS. His twitter handle is been followed by over 60% of foreign jihadists in Syria and Michigan.His output on social media at his early forties has upward of over 300,000 like on facebook and over 32,000 followers on twitter this necessitated a dipped with increase scrutiny of his activities, emotive terms, while employing extremely charge religious or sectarian idioms. One of his sermons on Youtube reads ‘’When your brothers in Syria speak everyone today needs to shut their mouth and listen. Because they have proven themselves to be real men,” he is preaching a standard of manhood that includes, slaughtering unarmed victims, abducting women and children, sexual assault, torture, human trafficking and genocide to an online audience that wants to bring the country down. Having spent 6 years in federal prison, he was banned from a Michigan mosque for urging his followers to kill non Muslims. US intelligence agencies are undoubtedly aware of Jibril’s influence. His subject to restrictive bail conditions that limit his movement, but he remains a free man living in his father’s Dearborn bungalow in the shadows of Detroit.
EXAMPLE OF CYBER SECURITY STRATEGIES FROM OTHER COUNTRIES
In recent times cybercrimes have gone beyond conventional crimes and now have threatening ramifications to the national security of all countries, even to technologically developed countries such as the USA. Terrorists are now using 512–bit encryption which is next to impossible to decrypt restricted security documents of government installation. However, there have been some forms of facelift in combat against this threat, lessons will be drawn from counties like USA and South Africa with an existing cyber security outfit.
The United States. The United States has focused on cyber security since the 1990s. Responsibilities were divided between the Department of Homeland Security, the Federal Bureau of Investigation, and the Department of Defense, in collaboration with her US Cyber Command (which has the National Security Agency as one of its components). Offensive operations are most likely assigned to Cyber Command and to elements of the Central Intelligence Agency.
The Department of Homeland Security has primary responsibility for domestic defence. Its National Cyber Security Division is tasked to “work collaboratively with public, private, and international entities to secure cyberspace and America’s cyber interest”. Cyber Command, a military subcommand under US Strategic Command, is responsible for dealing with threats to the military cyber infrastructure.
South Africa. In early 2010, the South African government developed the requisite legislations in order to effectively combat cyber security challenges. In 2011, follows the enactment of cyber security policy aimed at creating institutional capacity to respond to these challenges.
This effort contributed to the successful establishment of the South African Cyber Inspectorate and South African Cyber Security Academic Alliance (SACSAA) in 2012, to establish relevant structures, reduce threats, facilitate cooperation between government agencies, and build it’s cyber warfare capacity. Nigeria in the same vein with the examples stated above and that of the global best practices, with our lawmaker having formulated the requisite legislations required and signed into law. It is therefore, as a meter of urgency for the office of the NSA in collaboration with cyber security stakeholder and the armed forces to put in place, a robust institutional framework aimed at establishing a National Cyber Security Agency and a cyber-command for the armed forces precisely the Nigerian Army, all to function under the office of the NSA.
These institutions will see to the management of offences against the confidentiality, integrity and availability of computer data and systems; (2) computer- related offences, (3) content related offences; (4) offences related to infringements of copyright and related rights and that of the national critical infrastructures. Cyber crime is often transnational in character, offenders can take advantage of gaps in existing law and capabilities to avoid apprehension and prosecution. It is, therefore, important that every legal system takes measures to ensure that its penal and procedural law is adequate to meet the challenges posed by cyber crimes.
FEATURES OF A COLLABORATIVE NIGERIAN ARMY CYBER COMMAND AND NATIONAL CYBER SECURITY AGENCY
The robust Nigerian Army Cyber command with the aid of an institutionalized National Cyber Security Agency man by relevant stakeholders in the ICT will ensure a secured cyber space, restore Nigeria’s reputation in advance free fraud as well as achieve the following features stated bellow;
To help in the reduction and management of vulnerability on ICT systems and networks.
To help individuals and institutions develop and nurture a culture of cyber security.
To work collaboratively with public, private and international entities to secure cyberspace.
To help understand the current trends in IT/cyber crime, and develop effective solutions.
To respond swiftly to any case of cyber crime.
Integrity, which may include authenticity and non-repudiation.
To ensure confidentiality of data and information.
As Nigerian internet penetration and computer usage is increasingly redefined and as the technologies associated with computing are becoming more powerful, there is a strong indication that cyber-crimes are also becoming more common. Nigeria is being rated as one of the countries with the highest levels of e-crime activities with reference to the revolutionizing trend in the cyber space. It is now necessary for Nigerian government to protect its cyber domain by institutionalizing an outfit of well experienced, skilled and knowledgeable persons under the body of National Cyber Security Agency in synergy with the Nigerian Armed Force (Nigerian Army) to spearhead collaboration with other security and none security agencies like Navy, Air force, Police, DSS, EFCC, NCS, NIS, CBN etc with a view to Building a robust NATIONAL CYBER COMMAND for Nigeria, institutionalized to exist under the office of the National Security Adviser where all cyber attacks targeted at Nigerian security and critical national Infrastructure like NNPC, PHCN, NCC, Air space and Waterboard can be detected and mitigated in real-time.
It will always be a losing battle if security professionals are miles behind cyber warfare. Fighting cyber crime requires a holistic approach to combat this menace in all ramifications and the agency and its requisite command when institutionalized will create a security-aware culture involving the public, the Internet Service Providers, cybercafés, government, security agencies and internet users within the Nigeria’s cyber space.