MATRIC NO: 15/69/0011

QUESTION: Write a brief note on cybercrime law in Nigeria. Discussing:

i. Scope of the law
ii. Implication of the law
ii. Content of the law
Cybercrime law includes laws related to computer crime, internet crime, information crimes,
communications crimes and technology crimes. While the internet and the digital economy
represent a significant opportunity, it is also an enabler for criminal activity. Cybercrime laws are
laws that create the offences and penalties for cybercrimes. Cybercriminals may use computer
technology to access personal information, business trade secrets or use the internet for
exploitative or malicious purposes. Criminals can also use computers for communication and
document or data storage.
SCOPE OF THE LAW
Cyber law is associated with all the areas of business which have a
technological bend. Cyber-crime is a criminal exploitation of the internet. A misconduct that is
committed against an individual or groups of individuals with an unlawful intention to hurt the
position of the victim or cause any mental or physical harm to the victim directly or indirectly by
using advanced IT and related sources such as Internet and mobile phones is termed as cyber-
crime. Such crimes may be harmful for a country. Six areas of concern for a cyber-law namely,
e-commerce, online contracts, business software patenting, e-taxation, e-governance, and
cybercrimes.
IMPLICATION OF THE LAW
The principal responsibilities placed on financial institutions are contained in Part IV of the Act.
Section 37(1) places a duty to verify the identity of customers carrying out electronic financial
transactions, requiring the customers to present documents bearing their names, addresses and
other relevant information before issuing ATMs, credit or debit cards and other related electronic
devices. Failure to do so attracts a fine upon conviction.
Section 38 requires service providers to keep all traffic data and subscription for a period of at
least two years. Further, service providers are required to turn over such information to law
enforcement agencies and failure to comply with either attracts a fine of 7m naira.
Section 39 requires service providers, upon a court order, to assist competent authorities with the
collection or recording of content and/or traffic data associated with specified communications.
Under s.40 they are required to provide assistance to law enforcement agencies in identifying
offenders, tracing proceeds of offences and the cancellation of services used to commit offences.
CONTENTS OF THE LAW
Cybercrimes usually threaten a nation’s security and financial health. As a matter of fact,
cybercrimes sometimes transcends the national border of a country as if often involves the
interests of at least another nation state. Thus, criminal activities perpetrated on the internet range
from fraud, theft, extortion, hacking, copyright infringement, plagiarism, child grooming,  cyber
stalking, cyber warfare, cyber terrorism, to mention a few.
MATRIC NO: 15/69/0011
COM 317
QUESTION: Write short note on the following
I. Attack
II. Vulnerability and Vulnerability management
III. Risk and Risk management
An attack in computer security is a type of offensive maneuver that targets computer information
systems, infrastructures, computer networks, or personal computer devices. Attacks can range
from installing threats like spyware or malware on a personal computer to attempting to destroy
the infrastructure of entire nations. There are many different kinds of attacks, including but not
limited to passive, active, targeted, click jacking, brand jacking, botnet, phishing, spamming,
inside and outside.
Vulnerability refer to any type of weakness present in a computer itself, in a set of procedures, or
in anything that allows information security to be exposed to a threat. The use of vulnerability
with the same meaning of risk can lead to confusion. The risk is the potential of a significant
impact resulting from the exploit of a vulnerability e.g. Bugs, weak passwords, buffer overflow,
missing authorization etc. While vulnerability management is the cyclical practice of identifying,
classifying, remediating, and mitigating vulnerabilities
A risk in computer security can be define as anything on your computer that may damage or steal
your data or allow someone else to access your computer, without your knowledge or consent.
There are a lot of different things that can create a computer risk, including malware, a general
term used to describe many types of bad software. Misconfiguration of computer products as
well as unsafe computing habits also pose risks. While risk management is the process of
identifying, assessing and controlling threats to an organization's capital and earnings. These
threats, or risks, could surface from a wide variety of sources, including financial uncertainty,
legal liabilities, strategic management errors, accidents and natural disasters.