ETHICAL HACKING AND CYBER SECURITY IN NIGERIAN TELECOMMUNICATION INDUSTRY: ISSUES AND SOLUTIONS
The study examines the issues and solutions of ethical hacking and cybersecurity in the Nigerian telecommunication industry, the study has the following objectives, To examine the issues of ethical hacking and cybersecurity in Nigeria telecommunication industry, To examine the solutions to the issues of ethical hacking and cybersecurity in Nigeria telecommunication industry, To determine the level of effectiveness of ethical hacking and cybersecurity in the Nigerian telecommunication industry. Concerning the methodology for this study, data for this study was collected from the respondents through the use of questionnaires. Other information was collected from textbooks, journals, and other secondary sources of data. The research design used for this study was the descriptive research design. Since data characteristics were described using frequencies and percentages, and no manipulations of data or variables were necessary, the researcher chose this research design. The researcher discarded other alternatives such as the causal and explanatory research designs, because accurate findings and data analysis may not be achieved. The researcher adopted the census sampling technique to successfully complete the study. All 32 respondents were used for this study. Data collected were analyzed using frequencies and percentages. These frequencies and percentages enabled the researcher to clearly represent true data characteristics and findings with a great deal of accuracy. Interpretation and analysis of data were also used to describe items in tables and charts used for this study.
The study has the following findings; Nigeria’s cyberspace is much secured, there are issues associated with hacking in the telecommunication industry, ethical hacking is very effective in the telecommunication industry, there are solutions to the issues of ethical hacking in the telecommunication industry.
This research will educate the stakeholders in the telecommunication industry and the general public on how ethical hacking can be used in cybersecurity to protect against cybercrime.
TABLE OF CONTENTS
Title Page - - - - - - - - - i
Approval Page - - - - - - - - ii
Declaration - - - - - - - - iii
Dedication - - - - - - - - - iv
Acknowledgement - - - - - - - v
Abstract - - - - - - - - - vi
Table of Contents - - - - - - - vii
CHAPTER ONE – INTRODUCTION
1.1 Background of the Study - - - - -
1.2 Statement of General Problem - - - -
1.3 Objective of the Study - - - - - -
1.4 Research Questions - - - - - -
1.5 Hypothesis - - - - - - - - -
1.6 Significance of the Study - - - - -
1.7 Scope of the Study - - - - - -
1.8 Definition of Terms - - - - - -
CHAPTER TWO – REVIEW OF RELATED LITERATURE
2.1 Introduction - - - - - - - -
2.2 Theoretical Framework - - - - - -
2.2.1 Routine activity theory - - - - - -
2.2.2 Opportunity theory - - - - - - -
2.2.3 Technology theory - - - - - - -
2.2.4 Social theories - - - - - - -
2.2.5 The peel theory - - - - - - - -
2.2.6 Space transition theory- - - - - -
2.3 e-banking crimes - - - - - - -
2.4 types of cyber-crime - - - - - - -
2.4.1 Phishing - - - - - - - - -
2.4.2 Cyber terrorism - - - - - - -
2.4.3 Electronic spam mails - - - - - -
2.4.4 Cyber stalking - - - - - - - -
2.4.5 Fake copy-cat web sites - - - - - -
2.5 Effects of cyber-crime on banking - - - -
2.6 Cyber-crime policy in Nigeria - - - - -
CHAPTER THREE – RESEARCH METHODOLOGY
3.1 Introduction - - - - - - -
3.2 Research Design - - - - - -
3.3 Area of the Study - - - - - -
3.4 Population of Study - - - - - -
3.5 Sample size and Sampling Techniques - - -
3.6 Instrument for Data Collection - - - -
3.7 Validity of the Instrument - - - - -
3.8 Reliability of the Instrument - - - -
3.9 Method of Data Collection - - - - -
3.10 Method of Data Analysis - - - - -
CHAPTER FOUR – DATA PRESENTATION AND ANALYSIS
4.0 Introduction - - - - - - -
4.1 Data Presentation and Analysis - - - -
4.2 Characteristics of the Respondents - - -
4.3 Data Analysis - - - - - - -
4.4 Testing Hypothesis - - - - - -
4.5 Summary of Findings - - - - - -
4.6 Discussion of Findings - - - - -
CHAPTER FIVE – SUMMARY, CONCLUSION AND RECOMMENDATION
5.0 Introduction - - - - - - -
5.1 Summary - - - - - - - -
5.2 Conclusion - - - - - - - -
5.3 Recommendations - - - - - -
References - - - - - - - -
Appendix - - - - - - - -
1.1 BACKGROUND TO THE STUDY
Cybersecurity through ethical hacking plays an important role in the ongoing development of the telecommunication industry, as well as Internet services (Odinma, 2010). Enhancing cybersecurity and protecting critical information infrastructures are essential to each nation’s security and economic well-being (Odinma, 2010). Making the Internet safer (and protecting Internet users) has become integral to the development of new services as well as government policy.
An ethical hacker is a computer and networking expert who systematically attempts to penetrate a computer system or telecommunication network on behalf of its owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit (Okonigene & Adekanle, 2009).
Ethical hackers use the same methods and techniques to test and bypass a system's defenses as their less-principled counterparts, but rather than taking advantage of any vulnerabilities found, they document them and provide actionable advice on how to fix them so the organization can improve its overall security (Laura, 1995). The purpose of ethical hacking is to evaluate the security of a network or system's infrastructure. It entails finding and attempting to exploit any vulnerabilities to determine whether unauthorized access or other malicious activities are possible. Vulnerabilities tend to be found in poor or improper system configuration, known and unknown hardware or software flaws, and operational weaknesses in process or technical countermeasures. One of the first examples of ethical hacking occurred in the 1970s when the United States government used groups of experts called "red teams" to hack its own computer systems (Laura, 1995). It has become a sizable sub-industry within the information security market and has expanded to also cover the physical and human elements of an organization's defenses. A successful test doesn't necessarily mean a network or system is 100% secure, but it should be able to withstand automated attacks and unskilled hackers.
Deterring cybercrime is an integral component of national cybersecurity and critical information infrastructure protection strategy. In particular, this includes the adoption of appropriate legislation against the misuse of ICTs for criminal or other purposes and activities intended to affect the integrity of national critical infrastructures (Adebusuyi, 2008). At the national level, this is a shared responsibility requiring coordinated action related to prevention, preparation, response, and recovery from incidents on the part of government authorities, the private sector, and citizens.
The exceptional outbreak of cyber-crime in Nigeria in recent times was quite alarming, and the negative impact on the socio-economy of the country is highly disturbing. Over the past twenty years, immoral cyberspace users have continued to use the internet to commit crimes; this has evoked mixed feelings of admiration and fear in the general populace along with a growing unease about the state of cyber and personal security (Oliver, 2010). This phenomenon has seen a sophisticated and extraordinary increase recently and has called for a quick response in providing laws that would protect cyberspace and its users.
The first recorded cyber murder was committed in the United States seven years ago. According to the Indian Express, in January 2002, an underworld don in a hospital was to undergo minor surgery. His rival went ahead to hire a computer expert who altered his prescriptions through hacking the hospital’s computer system. He was administered the altered prescription by an innocent nurse, this resulted in the death of the patient. Statistically, all over the world, there has been a form of cyber-crime committed every day since 2006. Prior to the year 2001, the phenomenon of cyber-crime was not globally associated with Nigeria. This resonates with the fact that in Nigeria we came to the realization of the full potential of the internet right about that time. Since then, however, the country has acquired worldwide notoriety in criminal activities, especially financial scams, facilitated through the use of telecommunication facilities. Nigerian cyber criminals are daily devising new ways of perpetrating this form of crime and the existing methods of tracking these criminals are no longer suitable to deal with their new tricks (Adebusuyi, 2008). The victims as well show increasing naivety and gullibility at the prospects incited by these fraudsters. This paper seeks to give an overview of ethical hacking and cyber-security in the Nigerian telecommunication industry, outline some challenges and proffer solutions.
In 2014, the National Assembly of Nigeria made a bold move in the war against cybercrime when the Senate passed the Cybercrime Bill. This feat in addition to the cybersecurity strategy and policy documents introduced by the Office of the National Security Adviser (NSA) are attributes that will strengthen cybersecurity.
1.2 STATEMENT OF THE PROBLEM
The issue of cybersecurity is one that has been discussed by many people with various perspectives on the issue, most coming at it from different sides than the others. Cyber-crimes have gone beyond conventional crimes and now have threatening ramifications to the national security of all countries, even to technologically developed countries like the United States. The illegal act may be targeted at a computer network or devices e.g., computer virus, denial of service attacks (DOS), malware (malicious code). the illegal act may be facilitated by a computer network or devices with target independent of the computer network or device”. However, ethical hacking has been used by various telecommunication companies to cover the loophole and this study is providing an overview of the issues and the solutions.
1.3 OBJECTIVES OF THE STUDY
The following are the objectives of this study:
To examine the issues of ethical hacking and cybersecurity in Nigeria's telecommunication industry. To examine the solutions to the issues of ethical hacking and cybersecurity in Nigeria's telecommunication industry. To determine the level of effectiveness of ethical hacking and cybersecurity in the Nigerian telecommunication industry.
1.4 RESEARCH QUESTIONS
Is ethical hacking and cybersecurity practiced in Nigeria's telecommunication industry? What are the solutions to the issues of hacking and cybercrime in Nigeria's telecommunication industry? What is the level of effectiveness of ethical hacking and cybersecurity in the Nigerian telecommunication industry?
1.6 SIGNIFICANCE OF THE STUDY
The following are the significance of this study:
The findings from this study will educate the stakeholders in the telecommunication industry and the general public on how ethical hacking can be used in cybersecurity to protect against cybercrime. This research will be a contribution to the body of literature in the area of the effect of personality traits on student’s academic performance, thereby constituting the empirical literature for future research in the subject area.
1.7 SCOPE/LIMITATIONS OF THE STUDY
This study will cover the issues and solutions relating to ethical hacking and cybersecurity in the Nigerian telecommunication industry.
LIMITATION OF STUDY
Financial constraint- Insufficient fund tends to impede the efficiency of the researcher in sourcing for the relevant materials, literature, or information and in the process of data collection (internet, questionnaire, and interview).
Time constraint- The researcher will simultaneously engage in this study with other academic work. This consequently will cut down on the time devoted to the research work.
Adebusuyi, A. (2008): The Internet and Emergence of Yahoo boys sub-Culture in Nigeria, International Journal Of Cyber-Criminology, 0794-2891, Vol.2(2) 368-381, July-December
Odinma, Augustine C. MIEEE (2010): Cybercrime & Cert: Issues & Probable Policies for Nigeria, DBI Presentation, Nov 1-2.
Laura, A. (1995): Cyber Crime and National Security: The Role of the Penal and Procedural Law”, Research Fellow, Nigerian Institute of Advanced Legal Studies., Retrieved from
Okonigene, R. E., Adekanle, B. (2009): Cybercrime In Nigeria, Business Intelligence Journal, Retrieved from
Oliver, E. O. (2010): Being Lecture Delivered at DBI/George Mason University Conference on Cyber Security holding, Department of Information Management Technology Federal University of Technology, Owerri, 1-2 Nov..