ABSTRACT
The Global Information Infrastructure creates unlimited opportunities for commercial, social and other human activities. However, it is increasingly under attack by cybercriminals; as the number, cost, and sophistication of attacks are increasing at an alarming rate. This study sets out to examine the sociological and technological factors that impact cybercrime and cyber security and thereby articulates the relevant circumstances and threats of cybercrime in Nigeria. The study approached the issue of cybercrime from theoretical and investigative points of views. Structured interviews with law enforcement agencies and governmental institution for cyber security were also conducted. Data obtained through these research instruments were subjected to descriptive analysis and frequency counts in order to explain the activities of Nigerian cybercriminals based on existing theories of crime, and to understand their intents, purposes and methods. Four theories of crime, namely, Structural Functionalism Theory, Marxian Theory, Routine Activity Theory and Technology Enabled Crime Theory were all found to be relevant to Nigerian cybercrime. At the level of existing laws, the study established that there are no existing laws in the Nigerian statues that directly address cybercrime.
7
.
TABLE OF CONTENTS
Pages
Title Page i
Declaration ii
Certification iii
Dedication iv
Acknowledgement v
Abstract vi
Table of Contents vii
List of Tables x
List of Figures xi
CHAPTER ONE: INTRODUCTION 1
1.1 Background to the Study 2
1.2 Statement of the Problem 5
1.3 Justification of the Study 7
1.4 Research Objectives 7
1.5 Research Questions 8
1.6 Scope of the Study 8
1.7 Methodology 8
1.8 Definition of Terms 9
CHAPTER TWO: LITERATURE REVIEW 10
2.1 Cybercrime: Definition and Conceptualization 10
2.1.1 Cybercrime Against Persons 18
2.1.2 Cybercrime Against Property 18
8
2.1.3 Cybercrime against Government 18
2.2 Cyber-Security in Perspective 19
2.3 General Perception of Cybercrime in Nigeria 23
2.4 Evaluation of the Current Situation in Nigeria 23
2.5 Theoretical Framework 24
2.5.1 Structural Functionalism Theory 24
2.5.2 Marxian Theory 25
2.5.3 Routine Activity Theory 26
2.5.4 The Theory of Technology Enabled Crime 26
2.5.5 The Theory of Differential Association 28
2.6 Challenges of Cybercrime 30
2.7 Complexities of Cybercrime 31
2.8 The Phenomenon of Cybercrime 33
2.9 The Nigerian Perspective 37
CHAPTER THREE: RESEARCH METHODOLOGY 40
3.1 Research Design 40
3.2 Study Populations 40
3.2.1 Law Enforcement Agencies 40
3.2.2 Governmental Cyber-security Agencies 41
3.2.3 Practicing Scammers 42
3.2.4 Arrested Cybercriminals 42
3.2.5 Scam Baiters 42
3.3 Sampling Techniques 43
3.4 Sample Size 43
CHAPTER FOUR: IMPLEMENTATION AND EVALUATION 46
9
4.1 Presentation of Results 46
4.1.1 Interview with Law Enforcement Agencies 46
4.1.2 Interview with Governmental Cyber-security Agency 47
4.1.3 Practicing Scammers 48
4.1.4 A Criminal Mail 51
4.2 Computer as an Instrument Facilitating Crime 53
4.3 Phishing and Personal Experience 55
4.4 Discussion of Findings 58
4.4.1 Approaches Adopted by Law Enforcement Agencies to combat
Cybercrime in Nigeria 58
4.4.2 Approaches Adopted by Governmental Cyber-security Agency in
Ensuring Cyber-security in Nigeria 58
4.4.3 Problems Confronting Law Enforcement Agencies and Governmental
Cyber-security Agencies in combating cyber-crime in Nigeria 59
4.4.4 Theories of Crime in relation to Nigeria Cybercrime 60
CHAPTER FIVE: SUMMARY, CONCLUSIONS, RECOMMENDATIONS
AND SUGGESTIONS FOR FURTHER STUDIES 63
5.1 Summary of Findings 63
5.2 Conclusions 64
5.3 Recommendations 66a
REFERENCES 68
10
LIST OF TABLES
Tables Pages
4.1 Gender Status of the Practicing Scammers 50
4.2 Level of Study of Practicing Scammers 50
4.3 Occupational Status of the Practicing Scammers 50
4.4 World Internet Usage and Population Statistics 53
11
LIST OF FIGURES
Figures Pages
4.1 Lottery Winning and Financial Scam 56
4.2 Pure 419 Scam for Phishing 57
12
13
CHAPTER ONE
INTRODUCTION
From business, industry, government to not-for-profit organizations, the internet has
simplified business processes such as sorting, summarizing, coding, editing, customized
and generic report generation in a real-time processing mode. However, it has also
brought unintended consequences such as criminal activities, spamming, credit card
frauds, ATM frauds, phishing, identity theft and a blossoming haven for cybercriminal
miscreants to perpetrate their insidious acts. The development of the internet and the
widened access to computer technology has created new opportunities for work and
business activities, as well as those who engage in illegal activities. The rise of
technology and online communication has not only produced a dramatic increase in the
incidence of criminal activities, but has also resulted in the emergence of what appears to
be a new variety of criminal activities. Both the increase in the incidence of criminal
activities and the possible emergence of new varieties of criminal activity pose
challenges for legal systems, as well as for law enforcement agencies (Brenner,
2007).While technological advancements have produced radical shifts in the ability to
reproduce, distribute, control, and publish information, the Internet in particular has
radically changed the economics and ease of reproduction (Longe and Chiemeke, 2008).
Computer networks have also radically changed the economics of distribution. With
transmission speeds approaching a billion characters per second, networks enable the
sending of information products worldwide, cheaply and almost instantaneously.
The Global Information Infrastructure (GII) presents vast opportunities, but it can
also be dangerous for the innocent people. Fraudulent schemes, scams and con artists
have certainly been around long before the introduction of the internet, however, with the
14
technology and explosive growth of the internet, fraud has quickly become a major
concern for consumers, merchants and governments. Furthermore, the introduction and
acceptance of the Global System for Mobile Communication (GSM) in Nigeria and the
proliferation of digital devices (such as the MP3 players, IPOD, IPAD, cell phones,
smart phones, GPRS enabled phones) and electronic platform services (such as blogs,
instant messaging and other web 2.0 platforms) contributes to the increase in internet
fraudulent acts.
1.1 BACKGROUND TO THE STUDY
Over the past twenty years, immoral cyberspace users have continued to use the internet
to commit crimes; this has evoked mixed feelings of admiration and fear in the general
populace along with a growing unease about the state of cyber and personal security.
This phenomenon has seen sophisticated and extraordinary increase recently and has
called for quick response in providing laws that would protect the cyber space and its
users. The first recorded cyber murder was committed in the United States seven years
ago. According to the Indian Express, January 2002, an underworld don in a hospital
was to undergo a minor surgery. His rival went ahead to hire a computer expert who
altered his prescriptions through hacking the hospital’s computer system. He was
administered the altered prescription by an innocent nurse, this resulted in the death of
the patient. Statistically, all over the world, there has been a form of cybercrime
committed every day since 2006. Prior to the year 2001, the phenomenon of cybercrime
was not globally associated with Nigeria. This resonates with the fact that in Nigeria we
came into realization of the full potential of the internet right about that time. Since then,
however, the country has acquired a worldwide notoriety in criminal activities, especially
financial scams, facilitated through the use of the Internet. Nigerian cyber criminals are
15
daily devising new ways of perpetrating this form of crime and the existing methods of
tracking these criminals are no longer suitable to deal with their new tricks. The victims
as well show increasing naivety and gullibility at the prospects incited by these
fraudsters. Since the issue of cyber security is raising a number of questions in the minds
of Nigerians, it is only fair that we answer these questions.
Crime remains indefinable and ever strives to hide itself in the face of
development. As measures and techniques for detecting crimes and criminals advance,
criminals also look for means of hiding from these measures and the Internet currently
serves as a hiding place for fraudsters who have simply migrated from the streets to an
electronic platform offered by the World Wide Web. Different nations have adopted
different strategies to contend with crimes depending on their nature and extent.
Certainly, a nation with high incidence of crime cannot grow or develop. That is so
because crime undermines development. It leaves negative social and economic
consequence (Sylvester, 2001).For Nigeria, a nation in the process of saving her face
regarding cybercrimes; efforts are now being directed at the sources and channels
through which cybercrimes are perpetuated. The task of re-stigmatizing cybercrime and
re-dignifying honest is not as easy as that of institutionalising a deterrence mechanism
like Code of Conduct Bureau, Independent Corrupt Practices and other related Crimes
Commission (ICPC), Economic and Financial Crime Commission (EFCC) and many
more. This is after many years at the bottom of the ladder of the corrupt nations of the
world, which is based on some index set by the Transparency International (TI), an anti
corruption crusader group. The Advance Fee Fraud popularly called “419” has given
birth to cybercrime. Needless to say that cybercrime popularly called “Yahoo-Yahoo” is
an offshoot of Advanced Fee Fraud. Advance Fee Fraud which became popular in the
early ‘90s, has now produced its first offspring with mostly the unemployed and
16
undergraduates as its practitioners. The quest of social scientists and historians is, ‘how
did a society that value hard work, cooperation and contentment become deeply rotten in
corruption (Ogunsanya, 2006). The answer to this can be linked to the materialistic
value of the country.
Majority of the cybercrimes perpetrated in Nigeria generally are targeted at
individuals and not necessarily computer systems, hence they require less technical
expertise. The damage done manifests itself in the real world. Human weaknesses such
as greed and carelessness are generally exploited. The damage done is largely
psychological and financial. These crimes are similar to theft, and the likes that have
existed for centuries, even before the development of high-tech equipment. Through the
internet, the same criminals or persons with criminal intents have simply been given a
tool which increases their potential pool of victims and make them all the harder to trace
and apprehend (Aghatise, 2006).The challenge in fighting cybercrimes today relates to
the fact that cybercrimes have been in existence for only as long as the Global
Information Infrastructure exists. This explains the unpreparedness of society and the
world in general towards combating them. Numerous crimes are committed daily on the
Internet with Nigerians at the forefront of sending fraudulent and bogus financial
proposals all over the world. Criminals involve in the Advance Fee Fraud schemes (419)
are now popularly referred to as “yahoo-yahoo” in Nigeria. The nation has therefore
carved a position for herself as source of what is now generally referred to as “419”
mails named after Section 419 of the Nigerian Criminal Code (Capp 777 of 1990) that
prohibits Advance Fee Fraud.
Apart from the availability and usage of Internet facilities in cyber cafes for scam
mails and other cybercrimes, the evolution of fixed wireless facilities in the Nigerian
network landscape has added another dimension to the cybercrimes problem. Fraudsters
17
who can afford to pay for Internet connection vial fixed wireless lines can now perpetrate
their evil acts within the comfort of their homes. In some cyber cafes, a number of
systems are dedicated to fraudsters (popularly referred to as “yahoo boys”) for the sole
purpose of hacking and sending fraudulent mails. Other cyber cafes share their
bandwidth (popularly referred to as home use) to some categories of customers who
acquire systems for home use in order to perpetuate cybercrimes from their homes
(Longe and Chiemeke, 2008).
1.2 STATEMENT OF THE PROBLEM
The internet creates unlimited opportunities for commercial, social and other human
activities. But with cybercrime, the Internet introduces its own peculiar risks. What are
the menace cybercrime and cyber-security threats poses to Nigeria? The convenience
associated with Information Technology and the Internet is now being exploited to serve
criminal purposes. Cybercrime covers Internet fraud not just online Advance Fee Fraud
(419), also the use of computers and or the Internet to commit crime. Computer-assisted
crime includes e-mail scams, hacking, distribution of hostile software (viruses and
worms), denial of service attacks, and theft of data, extortion, fraud and impersonation.
Waziri (2009) spoke about the dreadful level of corruption as being a threat to Vision
20:2020. Cyber-crime is an obstacle that may shut the door of progress against the
nation. This was why Aluko (2004) gave seventeen (17) ways of stopping financial
corruption in Nigeria. One of these crimes according to him has to do with cybercrimes.
The global village currently records an increasing criminal behaviour. News of
cybercriminal activities continue to fill the pages of the newspaper, it is central to world
news and has become a global problem. There is hardly a place where computers and
internet facilities are found that cases of crime are not recorded. New modes of
18
operation are developing as the Global System for Mobile-telecommunication (GSM) is
now used for browsing. A lot of young people are common among the perpetrators of
these criminal activities. They spend hours browsing and sometimes stay awake all night
to carry out their nefarious activities. The people involved are mostly found within the
ages of fifteen to thirty years.
According to Erhabor (2008), cybercrimes are described as one of the fastest
growing criminal activities on the planet. He repeated the fact that it covers a large range
of illegal activity including financial scams, computer hacking, downloading of
pornographic images from the internet, virus attacks, stalking and creating websites that
promote hatred. In recent time, young students in the tertiary institution engaged in
forgery of all kinds ranging from false admission paper to school fees receipts,
certificates racketeering and examination malpractice that is, accessing useful
information during examinations through the handset and other electronic devices. Ajao
(2008) said Nigeria, Ghana and South Africa top cybercrime in Africa. Nigeria is not
spared from the heartache caused by cybercrimes.
The fight against cybercrime and cyber security threats in Nigeria requires not
just knowledge of Information Technology but Information Technology Intelligence on
the part of the security agencies. In Nigeria, there is an Information Technology Security
divide – a serious shortage of skills to deal with the threats associated with Information
Technology. Shouting and moaning about cybercrime is not enough. All the talk is
meaningless unless the gap is closed. Security agencies need to be equipped with the
skills, the know-how and the insight necessary to fight cybercrime effectively. The
findings above are worrisome and it is in order to curb and proffer solution to the above
that the study intends to look at the sociological and technological factors influencing
cybercrime and cyber security in Nigeria.
19
1.3 JUSTIFICATION OF THE STUDY
The Global Information Infrastructure creates unlimited opportunities for commercial,
social and educational activities. However, it is increasingly under attack by cyber
criminals; as the number, cost and sophistication of attack are increasing at alarming
rates. The challenge in fighting cybercrimes and cyber security threats today relates to
the fact that, they have been in existence for only as long as the Global Information
Infrastructure exists. This explains the unpreparedness of society and the world in
general towards combating them. In addition, the study is significant because its findings
have potential for providing an aid in formulating appropriate legal and framework for
cyber law and cyber security in Nigeria. It will also examine various dimensions of
cybercrime and cyber security threats in Nigeria.
1.4 RESEARCH OBJECTIVES
The general objective is to provide information and analysis which lawmakers, policy
makers and law enforcement agencies in Nigeria can use in order to create legal
definitions which are meaningful from sociological and technological perspectives of
cybercrime and cyber-security.
The specific objectives are as follows:
1. To identify informal, sociological and technological causes of cybercrime and
cyber security in Nigeria.
2. To identify and analyse the techniques used by cyber criminals and the use of
cyber space for fraud.
3. To analyse the approaches adopted by Nigerian law enforcement agencies and
cyber security stakeholders in combating cybercrime and ensuring cyber security.
4. To provide Nigerian based typologies of cybercrime.
20
1.5 RESEARCH QUESTIONS
This research study aims to assess the vulnerability of the Nigerian society to crime and
abuse on computer networks and the Global Information Infrastructure at large. The
study then attempts to answer the following questions:
1. How are Nigeria anti-graft agencies tackling cyber-crime and cyber security
threats?
2. How effective and efficient are the efforts of the security agencies in combating
cybercrime and ensuring cyber security in Nigeria?
3. What can be done to improve the state of cybercrime and cyber security in
Nigeria?
4. What are the techniques used by scammers in perpetrating cybercrime in Nigeria?
1.6 SCOPE OF THE STUDY
In order to ensure effectiveness and focus of study, this research is limited to a particular
information rich subset of stakeholders in cyber activities. The research will be limited
to Law Enforcement Agencies in Nigeria, Cyber Security Governmental Agencies in
Nigeria, practicing scammers, cybercriminals and scam baiter correspondence. The
research sets out to examine the sociological and the technological factors that impact
cybercrime and cyber security in Nigeria. It covers the events that occur from 2001 to
2010 and the unit of analysis is organization.
1.7 METHODOLOGY
A mixed research approach is needed for adequate insight and knowledge into solving
and achieving the research problem and objectives. The study will approach the issue of
cybercrime from theoretical and investigative points of views. This study will use a
combination of existing literature studies, direct in-depth primary research and secondary
21
materials from the Internet. The study population for this study includes, Law
Enforcement Agencies, Cyber Security Governmental Agencies and Scam baiter
correspondence.
1.8 DEFINITION OF TERMS
Advance Fee Fraud: Advance Fee Fraud is a rising type of Internet crime causing
Internet users to lose significant amounts of money. The expression ‘Advance Fee
Fraud’ (AFF) describes fraud cases in which criminal fraudsters convince a victim that
the victim has won a prize or been selected for a business deal with easy money to be
gained and the only condition to obtain the gain is that the victim has to pay a small
amount of money in advance. When the victim pays the fee, it will not bring him closer
to receiving the gain. In fact, he only risks losing more money as the fraudster will be
encouraged to re-contact the victim to request the payment of additional fees for the
same transaction.
Scam: A “confidence trick” is an attempt to defraud a person or group after first gaining
their confidence, used in the classical sense of trust.
Denial of Service Attack: is an attempt to make a machine or network resource
unavailable to its intended users.
Theft of Data: Data theft is a growing problem primarily perpetrated by office workers
with access to technology such as desktop computers and hand-held devices capable of
storing digital information such as USB flash drives, iPods and even digital cameras.
