CHAPTER
ONE
INTRODUCTION
1.1 BACKGROUND
TO THE STUDY
Cybersecurity
through ethical hacking plays an important role in the ongoing development of
telecommunication industry, as well as Internet services (Odinma, 2010).
Enhancing cybersecurity and protecting critical information infrastructures are
essential to each nation’s security and economic well-being (Odinma, 2010).
Making the Internet safer (and protecting Internet users) has become integral
to the development of new services as well as government policy.
An
ethical hacker is a computer and networking expert who systematically attempts
to penetrate a computer system or telecommunication network on behalf of its
owners for the purpose of finding security vulnerabilities that a malicious
hacker could potentially exploit (Okonigene & Adekanle, 2009).
Ethical
hackers use the same methods and techniques to test and bypass a system's
defenses as their less-principled counterparts, but rather than taking
advantage of any vulnerabilities found, they document them and provide
actionable advice on how to fix them so the organization can improve its
overall security (Laura, 1995). The purpose of ethical hacking is to evaluate
the security of a network or system's infrastructure. It entails finding and
attempting to exploit any vulnerabilities to determine whether unauthorized
access or other malicious activities are possible. Vulnerabilities tend to be
found in poor or improper system configuration, known and unknown hardware or
software flaws, and operational weaknesses in process or technical
countermeasures. One of the first examples of ethical hacking occurred in the
1970s, when the United States government used groups of experts called
"red teams" to hack its own computer systems (Laura, 1995). It has become
a sizable sub-industry within the information security market and has expanded
to also cover the physical and human elements of an organization's defenses. A
successful test doesn't necessarily mean a network or system is 100% secure,
but it should be able to withstand automated attacks and unskilled hackers.
Deterring
cybercrime is an integral component of a national cybersecurity and critical
information infrastructure protection strategy. In particular, this includes
the adoption of appropriate legislation against the misuse of ICTs for criminal
or other purposes and activities intended to affect the integrity of national
critical infrastructures (Adebusuyi, 2008). At the national level, this is a
shared responsibility requiring coordinated action related to prevention,
preparation, response and recovery from incidents on the part of government
authorities, the private sector and citizens.
The exceptional
outbreak of cyber-crime in Nigeria in recent times was quite alarming, and the
negative impact on the socio-economy of the country is highly disturbing.Over
the past twenty years, immoral cyberspace users have continued to use the
internet to commit crimes; this has evoked mixed feelings of admiration and
fear in the general populace along with a growing unease about the state of
cyber and personal security (Oliver, 2010). This phenomenon has seen
sophisticated and extraordinary increase recently and has called for quick
response in providing laws that would protect the cyber space and its users.
The first
recorded cyber murder was committed in the United States seven years ago.
According to the Indian Express, January 2002, an underworld don in a hospital
was to undergo a minor surgery. His rival went ahead to hire a computer expert
who altered his prescriptions through hacking the hospital’s computer system.
He was administered the altered prescription by an innocent nurse, this
resulted in the death of the patient. Statistically, all over the world, there
has been a form of cyber-crime committed every day since 2006. Prior to the
year 2001, the phenomenon of cyber-crime was not globally associated with
Nigeria. This resonates with the fact that in Nigeria we came into realization
of the full potential of the internet right about that time. Since then,
however, the country has acquired a world-wide notoriety in criminal
activities, especially financial scams, facilitated through the use of the Telecommunication
facilities. Nigerian cyber criminals are
daily devising new ways of perpetrating this form of crime and the existing
methods of tracking these criminals are no longer suitable for to deal with
their new tricks (Adebusuyi, 2008). The victims as well show increasing naivety
and gullibility at the prospects incited by these fraudsters. This paper seeks
to give an overview of ethical hacking and cyber-security in Nigerian
telecommunication industry, outline some challenges and proffer solutions.
In 2014, the
National Assembly of Nigeria made a bold move in the war against cybercrime
when the Senate passed the Cybercrime Bill. This feat in addition to the cyber
security strategy and policy documents introduced by the Office of the National
Security Adviser (NSA) are attributes that will strengthen cyber security.
1.2 STATEMENT
OF THE PROBLEM
The issue of
cyber security is one that has been discussed by many people with various
perspectives on the issue, most coming at it from different sides than the
others. Cyber-crimes have gone beyond conventional crimes and now have
threatening ramifications to the national security of all countries, even to
technologically developed countries as the United States. The illegal act may
be targeted at a computer network or devices e.g., computer virus, denial of
service attacks (DOS), malware (malicious code). the illegal act may be
facilitated by computer network or devices with target independent of the
computer network or device”. However, ethical hacking has been used by various
telecommunication companies to cover the loophole and this study is providing
an overview on the issues and the solutions.
1.3 OBJECTIVES
OF THE STUDY
The following are
the objectives of this study:
1. To examine the issues of ethical hacking and
cyber security in Nigeria telecommunication industry.
2. To examine the solutions to the issues of ethical
hacking and cyber security in Nigeria telecommunication industry.
3. To determine the level of effectiveness of
ethical hacking and cyber security in Nigerian telecommunication industry.
1.4 RESEARCH
QUESTIONS
1. Is ethical hacking and cyber security practiced
in Nigeria telecommunication industry?
2. What are the solutions to the issues of
hacking and cyber crime in Nigeria telecommunication industry?
3. What is the level of effectiveness of ethical
hacking and cyber security in Nigerian telecommunication industry?
1.6 SIGNIFICANCE
OF THE STUDY
The following are
the significance of this study:
1. The findings from this study will educate the
stakeholders in the telecommunication industry and the general public on how
ethical hacking can be used in cyber security to protect against cyber crime.
2. This research will be a contribution to the
body of literature in the area of the effect of personality trait on student’s
academic performance, thereby constituting the empirical literature for future
research in the subject area.
1.7 SCOPE/LIMITATIONS
OF THE STUDY
This study will
cover the issues and solution relating to ethical hacking and cyber security in
the Nigerian telecommunication industry.
LIMITATION
OF STUDY
Financial
constraint- Insufficient fund tends to impede the efficiency of the
researcher in sourcing for the relevant materials, literature or information
and in the process of data collection (internet, questionnaire and interview).
Time
constraint- The researcher will simultaneously engage in this study
with other academic work. This consequently will cut down on the time devoted
for the research work.