AI-Powered Ransomware Is Coming for Nigerian Banks — And the Time to Prepare Is Now
Folalumi Alaran in Abuja
In September 2025, the Chartered Institute of Bankers of Nigeria brought together more than 10,000 banking and finance professionals at Transcorp Hilton, Abuja, for its 18th Annual Banking and Finance Conference. The theme — “The New Economic Playbook: The Intersection of Banking, Policy, and Technology” — was carefully chosen. One of the conference’s three principal business sessions was dedicated entirely to navigating the AI revolution and charting a strategic direction for Nigerian financial institutions facing a technology landscape that is shifting beneath their feet.
Into that moment of national industry reckoning steps Kofoworola Idowu — cybersecurity researcher, Yeshiva University, and one of the most credentialed Nigerian voices now speaking at the intersection of artificial intelligence and banking security. Her message to Nigeria’s financial institutions is both timely and unsparing: the cyber threat landscape is mutating faster than most boardrooms have acknowledged, and a wave of AI-powered autonomous ransomware attacks is not a distant horizon — it is an approaching reality that demands immediate, technical, and intelligent preparation.
Idowu does not speak from the margins of this debate. Her research on the real-time detection of Distributed Denial-of-Service (DDoS) and phishing attacks — the specific techniques most aggressively deployed against financial institutions — has been submitted for publication in a reputable journal, and selected for presentation at two of the most competitive cybersecurity forums in North America. It is from that platform of earned authority that she now turns her expertise squarely toward Nigeria.
The timing of Idowu’s warning could not be more pointed. In the same month the CIBN conference opened its doors in Abuja, the global cybersecurity community was absorbing a deeply unsettling development. Security researchers at New York University published findings on a prototype they called “Ransomware 3.0” — the first large language model (LLM)-orchestrated ransomware system, capable of conducting reconnaissance, generating malicious code dynamically at runtime, and executing personalized extortion campaigns from start to finish, entirely without human involvement.
Security firm ESET, which identified traces of the system in the VirusTotal virus scanner, described it as the first known AI-powered ransomware. Though still a laboratory proof of concept, experts across the field were categorical: criminal adoption of this architecture is not a question of whether, but when. Joseph Steinberg, a leading US-based cybersecurity and AI authority, noted that he had already observed AI systems capable of independently scanning networks, writing malware, and identifying high-value targets. “It is no surprise,” he said, “that someone found a way to have an AI automate such functions.”
Nigeria’s banking sector — one of the most digitally active on the continent, with over 130 million account holders and an increasingly mobile-first transaction environment — is precisely the kind of high-value, interconnected target that autonomous ransomware campaigns are built to exploit. The conference delegates in Abuja were right to be asking hard questions. Idowu’s contribution is to answer them with science.
Kofoworola Idowu’s path to international cybersecurity credibility runs through Yeshiva University in the United States, where she developed deep expertise in cybersecurity systems and their application to financial infrastructure. Her current research addresses one of the most operationally critical problems in banking security: the dangerous gap between the moment an attack begins and the moment it is detected.
In conventional security architectures, that gap can stretch to hours or days — more than enough time for attackers to encrypt systems, exfiltrate data, and issue ransom demands before any human analyst raises an alert. Idowu’s research proposes machine learning-driven detection frameworks specifically calibrated for the two attack types most aggressively deployed against financial institutions: DDoS attacks, which overwhelm banking infrastructure and take services offline at critical moments, and phishing attacks, which use AI-enhanced deception to harvest credentials from bank staff and customers.
In an era of autonomous AI ransomware, these are not isolated incidents. They are the reconnaissance and entry mechanisms of far larger, self-directing campaigns that probe, adapt, and strike without a human criminal watching the screen. The only credible counter is a detection system that operates at the same speed — classifying threats, isolating anomalies, and triggering automated responses before a human analyst can intervene.
On October 23, 2025, her research was independently selected for the NSF Cybersecurity Summit 2025 in Boulder, Colorado, hosted by Trusted CI — the National Science Foundation’s Cybersecurity Center of Excellence. The Summit’s audience comprises the stewards of critical digital infrastructure across North American research and government institutions.
The picture that emerges is unambiguous: a Nigerian researcher, trained at Yeshiva University, has produced cybersecurity science rigorous enough to be selected — competitively, independently, twice in one month — for presentation before the most credentialed security audiences in North America. And the subject of that science is precisely the threat now bearing down on Nigeria’s financial institutions.
Idowu’s prescription for Nigeria’s financial sector is clear and technically grounded. Nigerian banks must move beyond reactive security postures — the investigate-after-the-breach model that leaves customer data exposed and institutional trust eroded — and invest in real-time, AI-powered detection architectures capable of identifying and neutralising attacks as they unfold. This is not a luxury reserved for the largest Tier 1 lenders. It is a baseline operational requirement for any institution that holds public funds in a connected economy.
Taylor Grossman of the US Institute for Security and Technology, commenting on the AI ransomware landscape, advises that organizations anchor their defences in what she describes as “boring cyber hygiene practices” — consistent patching, access management, staff training, and adherence to established frameworks from the Center for Internet Security and NIST. Idowu concurs, but adds the dimension that the current moment demands: in an era of autonomous AI attacks, hygiene must be enforced and monitored by intelligent systems that do not sleep, do not tire, and do not need a human to notice the anomaly first.
The Central Bank of Nigeria’s cybersecurity policy framework provides the regulatory foundation. What Idowu is calling for is its genuine, intelligent, real-time implementation — not as a compliance exercise, but as a living defense capability that can match the speed of the threats now being designed to defeat it.
The CIBN conference in Abuja asked exactly the right questions. Idowu has the science to help answer them. What remains is for Nigeria’s boardrooms, regulators, and chief information security officers to act before the autonomous ransomware wave makes the decision for them.







