Advisory ID: ngCERT-2026-040007
SUMMARY
ngCERT has observed a significant rise in high-impact cybersecurity incidents affecting organisations across multiple sectors within Nigeria, driven by phishing, ransomware, business email compromise (BEC), and data breaches. These threats are increasingly enabled by “as-a-service” cybercrime models and AI-driven techniques, allowing threat actors to scale operations and exploit weak security controls across the ecosystem. Private and public sector organisations, particularly the Critical National Information Infrastructure (CNII), are advised to strengthen their cybersecurity posture and remediate identified vulnerabilities urgently.
DESCRIPTION
The surge in cybersecurity incidents in Nigeria reveals a pattern of high-frequency and increasingly sophisticated attacks targeting public and private sector organisations. Threat actors are leveraging phishing campaigns, credential harvesting, ransomware deployment, and exploitation of unpatched systems to gain unauthorised access to networks. The proliferation of phishing-as-a-service and ransomware-as-a-service platforms has lowered the barrier to entry for cybercriminals, enabling coordinated and large-scale attacks. Additionally, the use of automation and artificial intelligence has enhanced cybercriminals’ ability to conduct convincing social engineering, evade detection, and exploit vulnerabilities more efficiently. These threats disproportionately affect sectors such as financial services, telecommunications, government institutions, healthcare, and other critical national infrastructure, where data sensitivity and system availability are mission-critical. Many of these incidents are linked to common weaknesses, including poor identity and access management, lack of multi-factor authentication, inadequate patching, and low levels of user awareness and staff training.
Damage: Critical
Probability: High
Platform(s): Web Applications, Cloud Services and Email
CONSEQUENCES
If successfully exploited, these cybersecurity threats may result in:
- Financial losses due to fraud, ransomware payments, and incident response costs.
- Operational disruption, including system downtime and service outages.
- Unauthorised access to systems and compromise of sensitive data.
- Data breaches/exfiltration leading to privacy violations and regulatory penalties.
- Reputational damage and erosion of customer and stakeholder trust.
- Compromise of critical infrastructure, with potential national security implications.
SOLUTION/MITIGATION
ngCERT recommends the following:
- Enforce multi-factor authentication (MFA) across all critical systems and services.
- Implement endpoint detection and response (EDR/XDR) and continuous network monitoring.
- Regularly patch and update systems, applications, and network devices.
- Adopt a Zero Trust security model and enforce least-privilege access controls.
- Conduct regular vulnerability assessments and penetration testing.
- Strengthen employee cybersecurity awareness through training and phishing simulations.
- Encrypt sensitive data and maintain secure, offline backups to mitigate ransomware risks.
- Organisations are further advised to promptly report confirmed incidents on 090 5555 4499 for timely support and coordinated response in line with National Cybersecurity Policy Strategy 2015 (As Amended 2024).