|By Adejumo Adekunle – The recent cyberattack on Nigeria’s Corporate Affairs Commission (CAC) portal has once again drawn attention to a growing concern facing governments, businesses, and institutions across Africa: cybercriminals are becoming more sophisticated, more organised, and increasingly difficult to stop.
The incident, which affected one of Nigeria’s most important digital public service platforms, raised fresh questions about the security of critical digital infrastructure at a time when governments are accelerating digital transformation initiatives. For millions of Nigerians who depend on online services for company registration, business compliance, and access to government records, the attack served as a reminder that cybersecurity is no longer merely an IT issue. It has become a matter of economic stability, public trust, and national resilience.
According to cybersecurity researcher and Associate Professor of Cybersecurity, Professor Morufu Olalere, attacks on critical platforms such as the CAC portal reflect a broader shift in the cybercrime landscape.
“Cybercriminals today operate with a level of sophistication that was uncommon a decade ago,” he said. “They are leveraging automation, artificial intelligence, social engineering, and advanced malware to identify vulnerabilities and exploit them at scale.”
Cybercrime has evolved significantly from the early days of opportunistic hacking. What was once driven largely by individuals seeking notoriety has transformed into a highly organised ecosystem involving criminal networks, ransomware groups, and cybercrime syndicates operating across international borders. Many of these groups function like legitimate businesses, complete with technical specialists, customer support structures, and profit-sharing arrangements.
This professionalisation of cybercrime has contributed to a dramatic increase in both the frequency and complexity of attacks. Government institutions have become particularly attractive targets. They manage large volumes of sensitive information, provide essential public services, and often operate systems that must remain continuously available. A successful attack can disrupt operations, compromise data, damage public confidence, and generate significant financial and reputational costs.
The recent CAC incident illustrates how a single security breach can have implications far beyond the affected organisation. Businesses depend on the platform for registrations, filings, and compliance activities. Any disruption can affect commercial activity and create uncertainty for thousands of users.
“Critical infrastructure is increasingly interconnected,” Professor Olalere explained. “When one important digital platform is compromised, the impact can extend to businesses, institutions, and citizens who rely on those services.”
One reason cybercrime is becoming more effective is the growing use of artificial intelligence by attackers. AI-powered tools can automate phishing campaigns, identify potential targets, analyse vulnerabilities, and generate highly convincing fraudulent communications. These capabilities allow attackers to operate more efficiently and at a much larger scale than was previously possible.
Phishing attacks remain among the most successful forms of cybercrime. However, modern phishing campaigns are far removed from the poorly written scam emails that characterised earlier attacks. Criminals now use publicly available information, behavioural analysis, and AI-generated content to create messages that closely resemble legitimate communications.
As a result, even experienced users can struggle to distinguish malicious messages from authentic ones. Professor Olalere’s research focuses on helping organisations defend against these evolving threats through the application of machine learning and intelligent detection systems. His work spans phishing detection, malware analysis, intrusion detection, ransomware identification, cyber resilience, and the use of artificial intelligence to strengthen cybersecurity defences.
One area of particular interest is the development of intelligent systems capable of identifying malicious activity before significant damage occurs. Traditional security systems often rely on signatures or known attack patterns. While effective against previously identified threats, they may struggle to detect entirely new forms of attack. Machine learning offers a more adaptive approach by analysing behaviour and identifying anomalies that may indicate malicious activity.
“Every cyberattack leaves traces,” Professor Olalere said. “The challenge is recognising those signals early enough to respond effectively. Artificial intelligence can help security teams identify patterns that may otherwise remain hidden within vast volumes of data.”
This proactive approach is becoming increasingly important as cyber threats continue to evolve. Rather than waiting for an attack to occur, organisations are investing in technologies that enable earlier detection and faster response.
The rise of ransomware further highlights the changing nature of cybercrime. Criminal groups now operate ransomware-as-a-service platforms, providing tools that allow less technically skilled actors to launch attacks. This business model has lowered the barriers to entry and expanded the global cybercrime ecosystem.
At the same time, organisations face increasing pressure to protect sensitive information, comply with regulatory requirements, and maintain public trust. Cybersecurity failures can result in legal consequences, financial losses, and long-term reputational damage.
For Professor Olalere, technology alone is not enough to address these challenges.
“Cybersecurity is ultimately a combination of technology, people, and processes,” he noted. “Organisations must invest not only in technical solutions but also in awareness, training, governance, and continuous improvement.”
Education remains one of the most effective defences against cybercrime. Many successful attacks still exploit human error rather than technical weaknesses. Building a culture of cybersecurity awareness is therefore just as important as deploying advanced security tools.
Researchers, industry leaders, and policymakers are increasingly collaborating to strengthen cyber resilience across sectors. Through research, innovation, and capacity building, experts are working to ensure that organisations can adapt to emerging threats while maintaining the trust of those they serve.
The recent CAC cyberattack may be viewed as another warning sign in an increasingly complex digital environment. However, it also highlights the importance of ongoing cybersecurity research and the role that academics such as Professor Olalere play in developing solutions to some of the most pressing challenges facing modern society.
As Africa’s digital economy continues to expand, the battle between cybercriminals and defenders will undoubtedly intensify. The organisations best positioned to succeed will be those that embrace innovation, invest in resilience, and recognise that cybersecurity is no longer optional. It is a fundamental requirement for sustainable digital growth.
