Logo PTI Logo icrmat

Proceedings of the 2022 International Conference on Research in Management & Technovation

Annals of Computer Science and Information Systems, Volume 34

Digital Forensic Readiness of Cybercrime Investigating Institutions in Nigeria: A Case Study of the Economic and Financial Crimes Commission (EFCC) and the Nigeria Police Force

,

DOI: http://dx.doi.org/10.15439/2022M9438

Citation: Proceedings of the 2022 International Conference on Research in Management & Technovation, Viet Ha Hoang, Vijender Kumar Solanki, Nguyen Thi Hong Nga, Shivani Agarwal (eds). ACSIS, Vol. 34, pages 5357 ()

Full text

Abstract. This case study investigates Nigeria's cybercrime agencies' digital forensic readiness and forensic capability and how this affects the cybercrime caseloads and prosecution. The Routine Activity Theory (RAT) and the Technology, Organization, and Environment (TOE) theories were applied. This study used the TOE framework to examine the digital forensic technology adoption and forensic readiness of cybercrime investigators in Nigeria and relates this with the RAT framework and the effectiveness of law enforcement agencies as capable guardians. The research population of this study was the Nigerian Internet fraud investigative agencies -- the Economic and Financial Crimes Commission (EFCC) and the Nigeria Police Force (NPF). Eighteen participants from the two organizations were interviewed. The paper concluded that the cybercrime investigators in Nigeria are not forensically ready given the established lack of digital forensic resources (technological gap, human resources gap, skills gap, funding gap), particularly when juxtaposed with the high cybercrime caseloads in the country.

References

  1. O.S. Adesina, “Cybercrime and poverty in Nigeria”, 2017. Canadian social science, 13(4), 19-29.
  2. R. Ajetunmobi, C. Uwadia, and F. Oladeji, Computer forensic guideline: A Requirement for fighting cyber crime in Nigeria now?, 2016. UNILAG research conference 2016, Nigeria. https://ir.unilag.edu.ng/handle/123456789/5833
  3. O. Akanle, J. Adesina, and P. Akarah, “Towards human dignity and the Internet: The cybercrime (yahoo yahoo) phenomenon in Nigeria” 2016. African Journal of Science, Technology, Innovation and Development, 8(2), 213-220.
  4. O. Akanle and B. Shadare, Yahoo-plus in Ibadan: Meaning, characterization, and strategies, 2019. International Journal of Cyber Criminology, 13(2).
  5. A. Alenezi, R. Hussein, R. Walters, and D. Wills, A framework for cloud forensic readiness in organizations. 2017 5th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud), 199–204. https://doi.org/10.1109/MobileCloud.2017.12
  6. B. Algozzine, and D. Hancock, Doing case study research: A practical guide for beginning researchers. Teachers College Press, 2017.
  7. A. Almarzooqi and A. Jones, A framework for assessing the core capabilities of a digital forensic organization. In IFIP international conference on digital forensics (pp. 47-65). Springer, Cham 2016.
  8. Associated Press, “Nigerian man charged with hacking Los Angeles County emails”, 2016. Guardian newspaper. https://www.theguardian.com/us-news/2016/dec/18/los-angeles-county-email-hack-kelvin-onaghinor
  9. I. Ajzen, The theory of planned behavior. Organizational Behavior and Human Decision Processes, 50, 179–211, 1991.
  10. I. Ajzen and M. Fishbein, Understanding attitudes and predicting social behavior. Prentice-Hall Englewood Cliffs, 1980.
  11. T. Barboza, “LA County targeted in phishing cyberattack; Private information of 750,000 people compromised”, 2016. Los Angeles times. https://www.latimes.com/local/lanow/la-me-ln-county-cyberattack-20161217-story.html.
  12. P. Baxter and S. Jack, Qualitative case study methodology: Study design and implementation for novice researchers. The qualitative report, 13(4), 544-559, 2008.
  13. M. Bello and M. Griffiths, Routine activity theory and cybercrime investigation in Nigeria: How capable are law enforcement agencies? In Rethinking Cybercrime (pp. 213-235), 2021. Palgrave Macmillan, Cham.
  14. B. Carrier and E. Spafford, An event-based digital forensic investigation framework, 2004. Digital Investigation. https://dfrws.org/wp-content/uploads/2019/06/2004_USA_paper-an_event-based_digital_forensic_investigation_framework.pdf
  15. K. Choi, C. Lee, and E. Louderback, Historical evolutions of cybercrime: From computer crime to cybercrime. The Palgrave Handbook of International Cybercrime and Cyberdeviance, 27-43, 2020.
  16. L. Cohen and M. Felson, Social change and crime rate trends: A routine activity approach. American Sociological Review, 588-608, 1979.
  17. C. Cross, Victims' motivations for reporting to the 'fraud justice network.' Police Practice and Research, 19(6), 550-564, 2018.
  18. F. D. Davis, “Perceived Usefulness, Perceived Ease of Use, and User Acceptance of Information Technology” 1989. MIS Quarterly, 13(3), 319–340. https://doi.org/10.2307/249008
  19. F. E. Eboibi, A review of the legal and regulatory frameworks of the Nigerian Cybercrimes Act 2015. Computer Law & Security Review, 33(5), 700-717, 2017.
  20. Economic and Financial Crimes Commission, UK government donates forensic equipment to EFCC, 2013. https://efccnigeria.org/efcc/news/576-uk-government-donates-forensic-equipment-to-efcc
  21. Economic and Financial Crimes Commission, UK to support EFCC's anti-corruption fight with digital forensic technology, 2018. https://efccnigeria.org/efcc/news/3328-uk-to-support-efcc-s-anti-corruption-fight-with-digital-forensic-technology
  22. O. Ehimen and A. Bola, Cybercrime in Nigeria. Business Intelligence Journal, 3(1), 93-98, 2010.
  23. M. Elyas, S.B. Maynard, A. Ahmad, and A.Lonie, Towards a systemic framework for digital forensic readiness. Journal of Computer Information Systems, 54(3), 97-105, 2014.
  24. L. Englbrecht, S. Meier, and G. Pernul, “Towards a capability maturity model for digital forensic readiness”. Wireless Networks, 1-13, 2019.
  25. A. Garba and M. Siraj, A holistic–based digital forensic readiness framework for Zenith Bank, Nigeria. International Conference on Computational and Social Sciences, 551-560, 2015.
  26. A. Garba and A. Bade, A recommended digital forensics readiness framework for Nigerian banks. International Journal of Development Research, 9(08), 2019.
  27. P. Grabosky, Virtual criminality: Old wine in new bottles? Social & Legal Studies, 10(2), 243-249, 2001.
  28. A. Hinchliffe, “A Nigerian princes to kings of malware: The next evolution in Nigerian cybercrime”. Computer Fraud & Security, 2017(5), 5-9, 2017.
  29. I. Jamo, Economic and Financial Crimes Commission (EFCC) and Anti-Corruption Crusade in Nigeria: Success and Challenges. Gusau International Journal of Management and Social Sciences, 4(2), 13-13, 2021.
  30. A. Kigerl, Spam-Based Scams. In Holt T. & Bossler A. (Eds.), The palgrave handbook of international cybercrime and cyber deviance, 2020. Palgrave Macmillan, Cham. https://doi.org/10.1007/978-3-319-78440-3_42
  31. E. Leukfeldt and M. Yar, Applying routine activity theory to cybercrime: A theoretical and empirical analysis. Deviant Behavior, 37(3), 263-280, 2016.
  32. M. Makutsoane, and A. Leonard, A conceptual framework to determine the digital forensic readiness of a cloud service provider, July 2014. In Proceedings of PICMET'14 Conference: Portland International Center for Management of Engineering and Technology; Infrastructure and Service Integration (pp. 3313-3321).
  33. C. Marshall and G. Rossman, Designing qualitative research, 2014. Sage publications.
  34. M. Miles and A. Huberman, Qualitative data analysis: An expanded sourcebook, 1994. Sage.
  35. S. R. Muller and D. N. Burrell, “Social Cybersecurity and Human Behavior. International Journal of Hyperconnectivity and the Internet of Things (IJHIoT)”, 6(1), 1-13, 2022.
  36. S. R. Muller and M.L. Lind, “Factors in information assurance professionals' intentions to adhere to information security policies”. International Journal of Systems and Software Security and Protection (IJSSSP), 11(1), 17-32, 2020.
  37. News Agency of Nigeria , “Police to create a special unit to tackle cybercrime”, 2016. Guardian Newspaper. https://guardian.ng/news/police-to-create-special-unit-to-tackle-cybercrime/
  38. S. Ngobeni, H. Venter, and I. Burke, “A forensic readiness model for wireless networks”. In K.-P. Chow & S. Shenoi (Eds.), Advances in Digital Forensics VI (Vol. 337, pp. 107–117), 2010. Springer Berlin Heidelberg. https://doi.org/10.1007/978-3-642-15506-2_8
  39. Nigerian Deposit Insurance Company, NDIC annual report 2018, 2019. https://ndic.gov.ng/wp-content/uploads/2019/09/NDIC-2018-ANNUAL-REPORT.pdf
  40. E. Obuah, Combatting corruption in Nigeria: The Nigerian economic and financial crimes (EFCC). African Studies Quarterly, 12(1), 2010.
  41. J. O. Odumesi, A socio-technological analysis of cybercrime and cyber security in Nigeria. International Journal of Sociology and Anthropology, 6(3), 116-125, 2014.
  42. T. Oliveira and M. Martins, Literature review of information technology adoption models at firm level. Electronic Journal of Information Systems Evaluation, 14(1), pp110-121, 2011.
  43. B. Omodunbi, P. Odiase, O. Olaniyan and O. Esan, Cybercrimes in Nigeria: Analysis, detection, and prevention. Journal of Engineering and Technology, 1(1), 37-42, 2016.
  44. I. Oraegbunam, “The Nigerian police and problems of cybercrime investigation: Need for adequate training”. Nigerian Law Journal, 18(1), 1-28, 2015.
  45. W. Percy, K. Kostere and S. Kostere, Generic qualitative research in psychology. The qualitative report, 20(2), 76-85, 2015.
  46. A. Pooe and L. Labuschagne, A conceptual model for digital forensic readiness, August 2012. In 2012 Information Security for South Africa (pp. 1-8). IEEE.
  47. R. Stake, The art of case study research. Sage, 1995.
  48. E. Straub, Understanding technology adoption: Theory and future directions for informal learning. Review of educational research, 79(2), 625-649, 2009.
  49. Symantec Corporation and African Union,Cybercrime & cybersecurity trends in Africa, 2016. www.thehaguesecuritydelta.com/media/com_hsd/report/135/document/Cyber-security-trends-report-Africa-en.pdf
  50. J. Tan, Forensic readiness. Cambridge, MA:@ Stake, 1-23, 2001.
  51. A. Tseloni, K. Wittebrood, G. Farrell, and K. Pease, Burglary victimization in England and Wales, the United States and the Netherlands: A cross-national comparative test of routine activities and lifestyle theories. British Journal of Criminology, 44(1), 66-91, 2004.
  52. I. Umar, R. Samsudin, and M. Mohamed, Understanding the successes and challenges of Anti-Corruption Agency (ACA) in Nigeria: A case of Economic and Financial Crimes Commission (EFCC). Asian Journal of Multidisciplinary Studies, 4(5), 27-33, 2016.
  53. V. Venkatesh, M. Morris, G. Davis, and D. Davis, User Acceptance of Information Technology: Toward a Unified View, 2003). MIS Quarterly, 27(3), 425–478. https://doi.org/10.2307/30036540