British-Nigerian man pleads guilty to $6m bank hacking crimes in New York spanning 7 years

Avatar
Cybersecurity

A British-Nigerian individual, Idris Dayo Mustapha, has admitted guilt in New York for participating in cyberattacks for over seven years. The scheme involved hacking into the computer servers of banks and brokerages, resulting in over $6 million in losses for customers.

Mustapha, 33, pleaded guilty to charges including access device fraud, conspiracy to commit computer intrusion and securities fraud, and conspiracy to commit wire fraud during a hearing before U.S. District Judge Pamela Chen in Brooklyn.

Lagos-born Mustapha was apprehended in the UK in August 2021 and later extradited to the U.S. the same year. Set for sentencing on April 3, 2024, he could potentially receive a maximum sentence of 20 years, although a lesser term is anticipated. As of now, Mustapha’s lawyer has not provided a comment. From January 2011 to March 2018, the accused and his associates purportedly utilized phishing and various methods to acquire usernames and passwords to access online accounts.

Cyberattacks and Risk Mitigation- Collaboration is the Only Way Out By Austin Okere

According to prosecutors, the individuals involved moved funds and securities from victims’ accounts to their own, executing unauthorized stock transactions in compromised accounts. Simultaneously, they conducted profitable trades in the same stocks within their personal accounts. The legal case is identified as U.S. v. Mustapha, filed in the U.S. District Court, Eastern District of New York, with case number 23-cr-00440.

Read More: Nigeria has only 8,352 cybersecurity professionals as global demand rises to 4 million

How banks are at risk


According to Investopedia, in a report published in January 2020 and revised in 2021, the Federal Reserve Bank of New York says the risk of spillover effects from cyberattacks is high because the banking system is interconnected. The report suggests a cyberattack on any of the five most active U.S. banks could affect 38% of the network.

Experts warn that U.S. banks are particularly susceptible to state-sponsored cyberattacks by countries including Russia, China, and North Korea.

“State-sponsored hacking is the biggest threat to our financial sector because of the capacities that they can bring to bear,” Jamil Jaffer, founder and executive director of George Mason University’s National Security Institute, told the House Financial Services Subcommittee on National Security, International Development, and Monetary Policy during a hearing in June 2020.

Impact of cyberattacks on bank customers

Consumers have relatively little to fear from routine cyberattacks on banks, provided they have not been lax about safeguarding their information and notify their bank promptly when funds go missing. U.S. law requires banks to refund money taken from customers’ accounts without authorization if the customer alerts the bank within 60 days of the transactions appearing on their bank statement. Business accounts, however, have fewer protections and could be subject to greater losses.

Buguard cybersecurity tips


While bank deposits of up to $250,000 are insured by the Federal Deposit Insurance Corporation (FDIC) for participating institutions, the banks themselves have no federal guarantee of solvency in the event of a major cyberattack. Such attacks could target bank processing systems and disrupt critical financial transactions.

How cyberattacks affect banks


Cyberattacks affect banks in many ways. In addition to the monetary loss that results from hackers stealing money from banks, banks incur additional costs in implementing cybersecurity to protect assets.

Furthermore, cyberattacks decrease the trust that customers have in institutions. If they believe their money will be stolen, they trust banks less to protect their money. Cyberattacks also interrupt the operations of banks, wreaking havoc across the institution and how it operates fundamentally.

Fraudulent loans rip commercial banks of N5.46bn in Q2 - FITC

How much banks lose to cyberattacks

According to a 2022 IBM Cost of a Data Breach Report, financial organizations averaged $5.97 million per breach. Also, some of the main threats used against banks in cyberattacks include ransomware, phishing, trojans, and spoofing.

Cybersecurity is a top concern for the banking sector. Consumers are likely to be able to recover their money under federal law, but some experts are concerned that escalating attacks could eventually threaten a big bank’s solvency

Read More: Africans still have plenty to learn about cybersecurity, new report finds


Technext Newsletter

Get the best of Africa’s daily tech to your inbox – first thing every morning.
Join the community now!

Register for Technext Coinference 2023, the Largest blockchain and DeFi Gathering in Africa.

Technext Newsletter

Get the best of Africa’s daily tech to your inbox – first thing every morning.
Join the community now!