By Funmilola Gboteku
The growing use of Artificial Intelligence (AI) is accelerating cyber attacks on Nigerian banks, businesses and public institutions, raising fresh concerns over data protection and digital trust in the country.
Emmanuella Aston, Programme Officer for Cybersecurity and Digital Protection at Techsocietal, a NGO, disclosed this in an interview with the News Agency of Nigeria (NAN) while assessing Nigeria’s evolving cyber threat landscape.
Aston said AI had transformed cybercrime by making attacks faster, cheaper and more sophisticated for criminals targeting vulnerable digital systems.
According to her, AI-powered tools now enable hackers to automate phishing campaigns, crack passwords within minutes and coordinate large-scale Distributed Denial of Service (DDoS) attacks against critical platforms.
“The beautiful thing about AI is that it makes everything easier and faster, but it also does the same for attackers,” she said.
She explained that cybercriminals previously needed extensive technical processes to compromise systems, but AI had significantly reduced the complexity of launching coordinated attacks.
Aston noted that phishing emails generated with AI had become more convincing and difficult for users to identify, increasing the chances of financial fraud and data theft.
She added that AI-driven bots were also making it easier for attackers to overwhelm banking and telecom platforms, disrupting operations and affecting customer confidence.
According to her, the rapid growth of technology in Nigeria is outpacing digital literacy, leaving many internet users exposed to exploitation.
She said the country still faced major knowledge gaps, with many citizens lacking basic cybersecurity awareness despite increasing dependence on digital platforms.
“In that instance, it makes exploitation easy because people do not understand how valuable their information is,” she said.
The cybersecurity expert stressed that customer trust remained critical for banks and digital service providers operating in Nigeria’s expanding digital economy.
She noted that although Nigerians had embraced digital banking and online services, cyber breaches could quickly damage public confidence in affected institutions.
Aston said customers rarely abandoned digital services completely after cyber incidents, but often switched to alternative platforms they considered more secure.
“We have moved from trusting cash to trusting banks and now digital systems. Trust is a huge currency in that ecosystem,” she said.
She described data as the “new oil” of the economy, warning that many organisations still underestimated the risks associated with poor data protection practices.
According to her, cyber attackers often combine personal details such as phone numbers, email addresses and social media activity to build targeted attacks against individuals and businesses.
She expressed concern over the growing rate of data leaks in Nigeria, saying some organisations continued collecting sensitive customer information without proper safeguards.
Aston criticised businesses for demanding excessive customer details, even when such information was unnecessary for service delivery.
“Many organisations still see data protection as just a compliance issue instead of a security and trust issue,” she said.
She also raised concerns about weak cybersecurity awareness among Small and Medium Enterprises (SMEs), particularly online businesses operating mainly through social media platforms.
According to her, many SMEs do not fully understand their obligations under Nigeria’s data protection laws, exposing customers to avoidable risks.
Aston called for stronger regulatory enforcement, wider public education and improved compliance mechanisms to strengthen Nigeria’s cyber resilience.
She urged regulators and enforcement agencies to increase awareness about citizens’ rights regarding data protection and reporting of breaches.
The expert also stressed the need for organisations to treat data security as part of their core service responsibility to customers, rather than merely satisfying regulatory requirements.(NAN)