Check Point Software Technologies urges Nigeria’s strategic oil and gas industry to beef up its cyber security

TechTrends.Africa IconByTechTrends Hours On Categories Cybersecurity
cyber security

Massive potential cost to economy if current cyber security measures fail

•An organization in Nigeria is being attacked on average 3759 times per week in the last 6 months, compared to 1854 attacks per organisation globally.

• The top malware in Nigeria is Expiro.

•The top malware list in Nigeria includes 3 Botnets, 1 Downloader (FakeUpdates), 1 Mobile (Anubis), 1 Infostealer (Anubis), 1 Backdoor (Expiro) and 1 RAT (Remcos).

•The most common vulnerability exploit type in Nigeria is Information Disclosure, impacting 80% of the organizations.

The oil and gas industry is a cornerstone of Nigeria’s economy, contributing about  5.5% to the country’s GDP and accounting for around 90% of its foreign exchange earnings. (statista.com). The pending completion of the Dangote Refinery in 2025, among other industry developments, is expected to boost Nigeria’s refining capacity by 650,000 barrels a day, potentially reducing reliance on fuel imports and bolstering local economic growth.

Beyond its substantial contribution to GDP and foreign exchange earnings, the sector is also pivotal in funding infrastructural development, social programs, and public services

“Given the strategic economic significance of Nigeria’s oil and gas industry, it is vital that it prioritises its cyber security,” says Kingsley Oseghale, Country Manager West Africa, Check Point Software Technologies.

According to Check Point’s African Perspectives on Cyber Security Report 2024, Nigeria continues to face one of the highest frequencies of cyber attacks in Africa, with organisations being attacked on average 3,759 times per week. This alarming statistic highlights the urgent need for robust cyber security measures to protect critical sectors including oil and gas, finance, government, and healthcare.

ALSO READ  We are Committed to the Culture of Data Protection in Nigeria, NDPC Boss

“Successful cyber attacks on the energy sector as a whole, can lead to operational disruptions, financial losses, and the compromise of sensitive data,” Oseghale says. 

In 2022, for example, reports indicated that 39.3% of computers in Nigeria’s oil and gas sector experienced cyberattacks, underscoring the sector’s vulnerability. (punchng.com).

According to Check Point Research (CPR), cybercriminals employ various malware strains to compromise the oil and gas sector, employing tactics such as phishing emails and malicious software to infiltrate systems and extract sensitive information. Globally phishing attacks escalated in 2024 with email being the most common attack vector at a staggering 68%, according to Check Point’s The State of Global Cyber Security 2025.

“However, the most common vulnerability exploit type in Nigeria is Information Disclosure, impacting 80% of the organisations,” says Oseghale. This is often achieved through phishing emails.

Phishing Campaigns and Malware Deployment

In a notable case from 2017, Check Point researchers uncovered a campaign where a Nigerian individual targeted over 4,000 organisations, including those in the oil and gas industry. The attacker sent fraudulent emails purporting to be from Saudi Aramco, a major oil producer, aiming to deceive financial staff into revealing company bank details or opening malware-infected attachments. The malware used included:

NetWire: A remote access Trojan (RAT) that grants attackers full control over infected machines.

HawkEye: A keylogging program that records keystrokes to capture sensitive information.

In 2024, the Raccoon infostealer malware, sold as malware-as-a-service on the Dark Web, was used in phishing campaigns to steal sensitive information. (go.checkpoint.com) These tools enabled the attacker to steal data and commit fraud within the compromised organisations.

ALSO READ  Cybersecurity: Red Cross Attack Exposes Data of Over 515,000 Vunerable People

More recently, Check Point’s January 2025 Global Threat Index identified FakeUpdates as a prevalent malware affecting various sectors, including oil and gas. FakeUpdates typically infiltrates systems through deceptive browser update prompts on compromised websites, subsequently enabling large-scale ransomware attacks. (techeconomy.ng)

 Cyber security solutions in 2025 .

“Cyber security in 2025 is not only about protecting networks; it’s about safeguarding trust in our systems and institutions,” Kingsley says.

The year 2024 was marked by the increasing role of generative AI (GenAI) in cyber-attacks. From disinformation campaigns to deepfake videos, GenAI was used to accelerate cyber-attacks, steal money, and influence public opinion.

At the same time, Infostealer attacks surged by 58%, revealing a maturing cyber ecosystem. Over 70% of infected devices were personal, as threat actors targeted bring-your-own device (BYOD) environments to breach corporate resources.

Cyber security recommendations

According to Oseghale, the immediate measures organisations can take to security their IT infrastructure are as follows:

Strengthen BYOD Security: Implement strict policies and deploy endpoint protection to mitigate risks from personal devices accessing corporate resources.

Invest in Threat Intelligence: Leverage AI-driven tools to monitor and preempt disinformation campaigns and emerging threats.

? Enhance Patch Management: Address known vulnerabilities proactively to limit exposure to widespread exploits.

? Secure Edge Devices: Implement robust security measures for routers, VPNs, and IoT devices to prevent them from becoming operational relay boxes for attackers.

Focus on Resilience: Prepare for persistent threats with comprehensive incident response plans and continuous monitoring.

Other Key Findings from the 2025 Check Point Global Security Report:

?      Evolving Cyber Wars: Nation-states are shifting from acute attacks to chronic campaigns aimed at eroding trust and destabilizing systems. AI-powered disinformation and influence campaigns targeted one-third of global elections between September 2023 and February 2024.

ALSO READ  Report: Criminals lock users out of their stolen iPhones using Apple's recovery key.

Ransomware Evolution: Data exfiltration and extortion overtook encryption-based attacks as the primary ransomware tactic, simplifying operations and maximizing payouts. Healthcare became the second most targeted industry, with a 47% increase in attacks year-over-year.

Edge Device Exploitation: Compromised routers, VPNs, and other edge devices served as key entry points for attackers. Over 200,000 devices were controlled by advanced botnets like Raptor Train, operated by state-sponsored actors.

Prevalent Vulnerabilities: 96% of exploits in 2024 leveraged vulnerabilities disclosed prior to the year, underscoring the importance of proactive patch management.

Targeted Industries: For the fifth consecutive year, education remained the most targeted industry, experiencing a 75% increase in attacks year-over-year.

“The increasing adoption of advanced AI-driven solutions, such as those offered by Check Point are playing a pivotal role in closing the industry cyber security gaps. However, with the rapid digitisation of  Nigeria’s economy, we must remain vigilant and continue to push for greater investment in cybersecurity infrastructure to safeguard our country’s digital future,” Oseghale concludes.

Read the full report here: https://www.checkpoint.com/security-report/

TechTrends.Africa Icon

Techtrends Africa is Africa’s leading Tech blog that provides quality tech and innovation stories, trends, industry watch, reviews/analysis, interviews, and insights on emerging technologies and their application across critical sectors.

Similar Posts

Working remotely during Summer 2023 -

Working remotely during Summer 2023: 5 steps to protect yourself from cyberattacks according to Sophos

ByTechTrends

Before the pandemic, cybersecurity started to be considered as a fundamental area in a company. But it’s really after the implementation of teleworking during confinement and the cyberattacks that many companies suffered, due to the exposure of their devices, that IT teams are increasingly focused on raising awareness among their workers. The objective is clear,…

Kaspersky

Be a doll: Mind cyber security and privacy when creating a fun image of yourself, warns Kaspersky

ByTechTrends

As the latest social media trend sees users jumping on the AI Action Figure craze by uploading personal information and photos to generate hyper-realistic AI dolls or action figures of themselves, Kaspersky urges individuals to be cautious about the personal information they share online. The trend, while entertaining, raises concerns about data privacy and digital…

Mohamed El Nemr, Regional Business Lead, Modern Works and Security at Microsoft
|

Data breaches top the list of security concerns for Nigerian CIOs

ByTechTrends

New research from the IDC reveals the latest cloud security trends in Nigeria The majority (72 percent) of Nigerian organizations are increasing their spend on information security 21 percent of organizations use a combination of on premises and cloud solutions. This is set to grow to 41 percent over the next two years. For Nigerian…

Kaspersky

Kaspersky empowers developers of all sizes to meet the security demands of their customers

ByTechTrends

Kaspersky has introduced a new approach within its BUILD track of Kaspersky United partner program to make cybersecurity more accessible for smaller companies and startups that develop software. By simplifying entry requirements and offering tailored tools and resources, the program now enables a wider range of technology partners to integrate Kaspersky’s advanced security solutions into…

Mart Networks

Mart Networks Partners Infopercept to Bring Comprehensive Cybersecurity Solutions to Africa

ByTechTrends

…The Solutions Include the Threat Exposure Management Platform, Invinsense OXDR, and the Compliance Management Platform, Invinsense GSOS Mart Networks Group, a leading value-added distributor with a presence in the Middle East and Africa, has announced a distribution partnership with Infopercept, a leading platform-led managed security services company. Under this agreement, Mart Networks will serve as…

cybersecurity hacks

How business owners can leverage cybersecurity hacks from South Africa

ByTechTrends

Because we have no other option, South Africans have grown accustomed to dealing with crime. Various sources rank South Africa near the top of lists of countries with the highest crime rates in the world. If you are a South African or live in South Africa, you most likely take a variety of precautions at…

Leave a Reply

Your email address will not be published. Required fields are marked *