In today’s digital age, Nigeria’s media houses are not just telling the nation’s stories, they are under threat from forces determined to rewrite those stories using deception, manipulation, and silent cyber sabotage.

The dangers go beyond sensational headlines or conspiracy theories. Journalists and broadcasters in Nigeria now operate in a world where technology can fabricate a voice, mimic a face, or hijack a newsroom’s entire operation with one malicious email. From ransomware locking down TV stations to fake videos eroding public trust, these threats are not hypothetical, they are here.

Take Deepfakes, for example. These are hyper-realistic videos or audio clips created using artificial intelligence to make someone appear to say or do something they never actually did. They are often used to impersonate public figures, mislead the public, or stir political unrest. In June 2025, a fabricated video emerged showing former presidential candidate Peter Obi seemingly praising Burkina Faso’s military leader. The video spread widely on social media before being debunked by the fact-checking platform Dubawa, which noted mismatched lip movements and audio classic markers of a Deepfake.

It does not end there. The Advertising Regulatory Council of Nigeria (ARCON) recently flagged AI-generated ads on Facebook and Instagram using the likenesses of Pastor Enoch Adebayo and Seun Okinbaloye, a respected journalist, to falsely endorse questionable products. These were created without consent and aimed to deceive the public by exploiting familiar and trusted faces.

Such incidents shows how Deepfakes are no longer futuristic novelties, they are real threats to truth, reputation, and national cohesion.

Yet while Deepfakes manipulate perception, phishing attacks target trust. Phishing is when cybercriminals disguise themselves as trustworthy individuals, often via email or text to trick people into revealing confidential information, clicking malicious links, or downloading infected files. The Cybersecurity Experts Association of Nigeria (CSEAN) estimates that nearly half of successful attacks on Nigerian newsrooms originate from phishing emails, many disguised as messages from editors, advertisers, or foreign media partners.

Then there’s the silent danger posed by pirated software. In an effort to reduce costs, some public and private media organisations still rely on unlicensed software programs that have been illegally copied or distributed. What many don’t realise is that pirated software often carries hidden malware like Trojans, Worms, or Spyware that attackers use to infiltrate systems unnoticed. According to the BSA Global Software Survey, 37% of software in countries like Nigeria is unlicensed. That makes entire newsrooms vulnerable, especially when such software is used for editing, production, or communication.

I have seen first-hand, in my work as an IT professional, how these seemingly small shortcuts can lead to major breakdowns. In 2022, a major Lagos television station reportedly suffered a ransomware attack, a type of malware that locks computer files and demands payment for their release halting its broadcast operations. Similar attacks have occurred globally, including against Cox Media Group in the United States.

Unfortunately, many Nigerian media houses are ill prepared to respond when these attacks occur. Without an Incident Response Plan (IRP), which is a documented strategy outlining how to detect, contain, and recover from these cyber incidents, organisations risk delays, financial losses, and reputational damage. The SANS Institute reports that organisations with an IRP in place recovers faster and at lower cost than an organization, that does not have IRP in place.

So, what must be done?

First, the government should formally recognise media organisations as critical digital infrastructure, integrating them into Nigeria’s National Cybersecurity Policy and Strategy (NCPS 2021). This would provide access to risk assessments, support from the Office of the National Security Adviser (ONSA), and coordination with agencies like NITDA and NCC.

Secondly, training must go beyond the IT department. Journalists, editors, and newsroom staff should receive basic cybersecurity awareness training. How to spot phishing attempts or links, how to spot or handle suspicious content, and how to report incidents. Groups like the Nigeria Union of Journalists (NUJ) and Broadcasting Organisation of Nigeria (BON) can collaborate with international bodies such as the International Center for Journalists (ICFJ) and Reporters without Borders (RSF) to create recurring education programs.

Thirdly, there must be an end to pirated tools. Publicly funded media outlets should be subjected to software licensing audits, while the government and private sector collaborate to offer affordable legal software alternatives for smaller outlets.

Lastly, cybersecurity must become part of newsroom culture. Strong passwords, multifactor authentication, phishing simulations, and routine drills should be as common as editorial meetings.

This is not just a technical issue. When newsrooms fall to cyberattacks, the ripple effects reach the entire public. Falsehoods can shape elections. Leaked sources can endanger lives. A disrupted broadcast can silence critical voices.

In the end, cybersecurity is about protecting press freedom in a digital age. It is about ensuring that facts remain facts, that journalists can work without fear, and that the public receives information that is accurate and trustworthy.

Nigeria’s media houses are more than information providers, they are defenders of democracy. However, without digital resilience, even the truth can be hacked. Now is the time to act.

… Isiaka is assistant director IT & head network and cybersecurity