Inside Nigeria's Cybersecurity Battle : Experts Warn of Growing Digital Risks

Nigeria is currently navigating a pivotal and high-stakes "cybersecurity battle." As the country rapidly digitizes—with a digital economy projected to reach $27 billion by 2030—experts and government officials are sounding the alarm on a sophisticated and evolving threat landscape.

Below is a breakdown of the current digital risks and the national response as of late 2025.

1. The Growing Scale of the Threat
Nigeria has recently been ranked the most cyber-attacked country in Africa. The statistics for 2025 illustrate a "pandemic-like" escalation in digital crime:

Attack Frequency: Organizations in Nigeria are currently facing an average of 4,200 to 4,388 cyberattacks per week.

Data Breaches: In the first quarter of 2025 alone, over 119,000 data breaches were recorded, compromising millions of Nigerian accounts.

Economic Impact: The Attorney General of the Federation, Lateef Fagbemi, recently estimated that cybercrime costs the Nigerian economy roughly $500 million annually.

2. Emerging Digital Risks in 2025
Experts have identified several "new frontiers" where cybercriminals are outstripping traditional defenses:

AI-Powered Attacks: Criminals are using Generative AI to create hyper-realistic deepfakes for sextortion and corporate fraud, as well as polymorphic malware that changes its code to evade antivirus software.

Digital Violence: There is a rising surge in "digital violence" specifically targeting women and activists through deepfake blackmail, AI-generated non-consensual content, and targeted cyberstalking.

Credential Abuse: Rather than just hacking systems, attackers are increasingly using "valid credentials" (usernames/passwords) stolen from previous leaks or bought on the dark web to walk right into sensitive databases.

Targeting Critical Infrastructure: Attacks have shifted from simple "419 scams" to targeting oil pipelines, telecom records (with over 60 million records reportedly leaked), and government agencies like the Nigerian Navy and Immigration Service.

3. The "Japa" Factor & Talent Drain
A major internal risk frequently cited by experts is the "Japa syndrome"—the mass migration of skilled IT and cybersecurity professionals. This brain drain has left many Nigerian banks and government agencies understaffed, making it harder to implement robust defenses even when the technology is available.

4. National Response & Governance
The Nigerian government has intensified its counter-offensive through several key initiatives:

Legal Framework: The Cybersecurity Act 2024 (an update to the 2015 Act) and the Designation of Critical National Information Infrastructure (CNII) order signed by President Tinubu now provide a stronger legal basis for prosecuting crimes and protecting essential digital assets.

Institutional Readiness: * The National Cybersecurity Coordination Centre has been established for real-time threat response.

The EFCC has recovered over ₦566 billion in assets between 2024 and 2025 and is planning a Cybersecurity Research Centre to "rehabilitate" young hackers into productive tech roles.

Public Awareness: Agencies like the Nigeria Immigration Service (NIS) and the NSCDC have launched nationwide campaigns to treat "cyber hygiene" as an essential life skill for every citizen.