Sept 17, 2008 -
The impact of the recent e-mail hoax about the President’s resignation
highlights the weakness of local and global information systems. Top
private and public communications organizations have been found wanting.
According to reports in Nigerian newspapers (The Nation Online, ThisDay Online), Wednesday September 17, 2008, a hoax e-mail was sent to several news organizations stating that President Yar’Adua would be resigning on health grounds. The report was reported to come from the News Agency of Nigeria (NAN).
A popular private TV station, Channels TV relayed the “rumour” and has since been shut down by Nigeria’s State Security Services (SSS).
A statement on the Channels TV Website says “security men arrested six top members of staff and four are still being held in the SSS offices in both Lagos and Abuja”. The fake "News Flash" supposedly from NAN reported that "President Umaru Musa Yar’Adua may resign after the cabinet reshuffle, on health grounds"
An expensive hoax
In view of the political implications the Presidency quickly came out to deny the report. Segun Adeniyi, the President’s spokesman stated emphatically that President Umar Yar’Adua has no plans of resigning on health grounds. The News Agency of Nigeria (NAN) has also refuted the story. Part of Adeniyi’s statement reads as follows, “Following inquiries that came in the wake of a report purportedly issued by NAN today (Tuesday September 16, 2008), the Presidency wishes to affirm that there is no truth whatsoever to the suggestion that President is contemplating resignation from office.
Since NAN itself has categorically denied being the source of the report that the President may resign, it can only be assumed that the report is the handiwork of persons who do not wish the country well."
In addition to quizzing NAN and Channels TV staff several newspaper reports today indicate a “serious” investigation into the mess is already in progress. The story was reportedly sent via e-mail from firstname.lastname@example.org. According to NAN, "The address is not that of NAN. The poor grammar, as indicated in the wrong spelling of "cabinet" could not have been that of NAN." NAN has also stated that it will no longer be using the free e-mail accounts (yahoo, gmail or hotmail) to send news items. The NAN press content says “The only authentic address NAN will be using from now on is: email@example.com.”
But before the NAN disclaimer, several local and international media organizations such as the Agence France Presse (AFP) had published and broadcast the story to the whole world.
The Motive and the Reaction
Is the hoax part of a grand conspiracy to cause disaffection in the country? Or a prankster that just wants to have fun and make people sweat? There is no doubt that it was deliberately deceptive. Whoever it is obviously understands the dynamics of the current situation in Nigeria vis-à-vis the President’s health. The motive of such a person or outfit is not clear but it has certainly shaken up Nigeria’s security and communications system. It is hoped that this “gentle shock” will help to make information security a top priority at all levels, especially in governance, information and communications.
Locking people up, looking for scapegoats may not bear fruit without holistic information and security policies. Investigations will attempt to trace the source of mischief if clues have been left. But the reality is that in today’s world anybody with some level of computer literacy and access to the Internet can create and own not one by several free web-based e-mail addresses. It’s possible to set up fake e-mail addresses or even masquerade using another person’s e-mail address. Irrespective of your background or intentions, the Internet provides cheap, user-friendly self-publishing tools for everyone for the good and the bad. This is not brain surgery but simply Computer/Internet Security Basics 101 - Security awareness required for the knowledge and technology driven world we live in.
Information technology is more than buying the latest laptops or setting up flashy websites.
There are threats and opportunities
The rapid rate of change in technology developments means technology has always outpaced security. In fact today, Information security encompassing integrity, confidentiality, privacy, availability and assurance, is a major concern in all countries – developing and developed. How do you manage your risks in an informed manner? Ignorance is no excuse in the knowledge world. Digital bad guys are here for the long haul. This along with the growing and massive demand for information and ICT enabled products and services are driving up the demand for security in the information society.
Lack of understanding of what Information security means is a major societal challenge. Most people online are unaware of the threats and the significance of the threats. It’s strange but people still fall victim to recharge card and the “Bill Gates is giving away all his money” scams. Do the affected organizations have information security policies? Realistic policies should be able to reduce the risks associated with hoaxes and other related threats. Why should government agencies use Yahoo and other free e-mail accounts for official communication? Information security is more than dealing with the “Yahoo miscreants” and Internet fraudsters. The absence of basic information security awareness at top level organizations is a strange and sad lapse in a technology and information driven world.
Drop the Dinosaur mentality
Furthermore, the “analogue” days of law enforcement are over. Security organizations must network themselves out of the Stone Age. The fire brigade approach of locking up the usual traditional suspects often does not work. When we talk of information security is it just talk? How much has been invested in terms of time, education, personnel and other core requirements? Security and intelligence activities today cover more than the physical and the tangible. Information security requires not just ICT knowledge but ICT enabled intelligence. You simply cannot police what you don’t understand. The information security system and personnel guard the whole perimeter while the attacker needs only one point of entry.
Information security isn’t a technology issue. Acquiring and installing the latest information security technologies makes no sense in an environment where behavioral safeguards are absent. In recognition of the fact that Information security is an important specialty area several initiatives such as the African Information Security Association (AISA) have been established to facilitate and promote information security.
Wake up Call
The hoax is a wake up call. Is Information security an integral component of national ICT and socio-economic policies? What is the state of cybersecurity legislation? Are electronic protection laws in place and working? We must go beyond “Paper policies”. There is a need for clearer and realistic policy direction. Is the knowledge culture a priority? How committed is leadership? Are the policies government “shows” or are other stakeholders involved? Don’t mind the GSM rates, talk is cheap.
As this case has shown, it’s not just a government concern. Information security needs are in all sectors. In the everlasting words of Janet Reno, former Attorney General of the United States of America “They have computers, and they may have other weapons of mass destruction”. .
Jide Awe is the Publisher of Jidaw.com
COMMENTS for "Nigeria’s President and the Power of the e-mail Hoax":