Nigeria’s digital infrastructure has once again come under threat as cybercriminals intensified attacks on government websites, with the latest victim being the Nigerian Bureau of Statistics (NBS). The breach underscores growing vulnerabilities in Nigeria’s cyberspace and highlights the urgent need for strengthened cybersecurity measures.
The NBS, as the country’s official statistical agency, plays a critical role in Nigeria’s development by collecting, analyzing, and disseminating economic, social, and governance data. The attack on its platform raises concerns about the security of sensitive national data and the increasing sophistication of cyber threats targeting public institutions.
The attack on the NBS website is part of a broader pattern of cyber incursions targeting Nigerian government ministries, agencies, and officials. Over the past few years, cybercriminals have escalated their activities, often crippling government operations, compromising personal data, and eroding public trust.
At approximately 8:32 PM yesterday, the NBS acknowledged the breach through its official communication channel on X (formerly Twitter):
“This is to inform the public that the NBS Website has been hacked and we are working to recover it. Please disregard any message or report posted until the website is fully restored. Thank you.”
The incident comes at a time when cybersecurity experts and regulatory agencies have been issuing repeated warnings about the rising frequency and financial impact of cybercrime across Africa. According to INTERPOL, cybercrime costs Africa over $4 billion annually, representing about 10% of the continent’s GDP. Additionally, an IBM report revealed that the average cost of ransomware attacks globally surged by 13% in 2023, reaching $5.13 million.
Nigerian government agencies have long been vulnerable to cyberattacks. In 2020, the Economic and Financial Crimes Commission (EFCC) reported attempts to breach its website, while in 2021, the National Communications Commission (NCC) warned of imminent cyber espionage by an Iranian group, Lyceum, targeting telecom operators, Internet Service Providers, and Ministries of Foreign Affairs in Nigeria and other African nations.
More recently, in an alarming breach, servers of the National Identity Management Commission (NIMC) were reportedly compromised. According to reports by The Punch, a website named expressverify was monetizing access to Nigerians’ National Identification Numbers (NINs) and other personal data from the identification database.
Beyond ministries, top government officials and governors have also been frequent targets, with cases of hacked mobile numbers and stolen private communications surfacing regularly.
The surge in cyberattacks is not unique to Nigeria. Across Africa, governments, state agencies, and businesses have increasingly fallen prey to sophisticated cybercriminal operations.
Namibia’s state-owned telecom company recently suffered a ransomware attack perpetrated by the hacker group Hunters International. Sensitive customer data, including information on high-ranking government officials, was leaked after the company refused to negotiate with the cybercriminals.
Other high-profile attacks have targeted Ghana’s Electricity Company of Ghana (ECG), the central banks of Zambia and South Sudan, and government institutions in Ethiopia, Senegal, and Zimbabwe. In South Africa, cybercriminals infiltrated Porsche’s Johannesburg headquarters, the South African division of credit bureau TransUnion, and Internet Service Provider RSAWEB.
These attacks reveal a growing reliance on ransomware—a form of malware where systems are encrypted or data is stolen and held hostage until a ransom is paid. In many cases, organizations are forced to make difficult decisions: pay cybercriminals or face operational paralysis and reputational damage.
The persistent attacks on Nigerian government websites, including the NBS, expose gaps in the nation’s cybersecurity infrastructure. Agencies such as the Nigerian Communications Commission (NCC) and the National Information Technology Development Agency (NITDA) continue to issue warnings, but the pace and complexity of attacks demand a more robust and coordinated response.
Cybersecurity experts argue that Nigeria must prioritize investment in modern security systems, workforce training, and real-time monitoring to safeguard critical infrastructure. The role of public-private partnerships, increased regional collaboration, and stringent legal frameworks will also be key to addressing the cyber threat.
Leave a comment