Abraham Tanta, is the founder and chief executive officer of Tanta Innovative, a software development firm in Lagos.
In this interview, he shares his experience as a software developer, the need to patronise indigenous software firms and the importance of ethical hacking and penetration tests.
How we started
Tanta is a group of companies with many subsidiaries. We have Tanta Consolidated, Tanta Innovative, Tanta Secure, and Tanta Holdings. Tanta Innovative Limited is focused on custom and professional software development. Founded in 2008, Tanta Innovative is a Nigerian provider of IT consulting services and custom software development with 40 IT professionals.
For over 12 years, we’ve been bringing custom and platform-based solutions to small, large and midsized companies in healthcare, banking, retail, telecom and other industries.
You can tell us exactly what you want, and we can make it for you. Whatever kind of features you want to achieve effective productivity, we will make it happen. You don’t have to rely on already made foreign programs, because you have to adjust your ideas, plans and features to work with them. We are giving you the opportunity to tell us what exactly you want, and we can make it happen even better than what you wanted. That is what Tanta Innovative Limited is all about. We are trying to focus on ethical hacking because that is an untapped segment in the market. Black hat hackers and fraudsters out there are constantly looking out for victims, you can never tell when you might fall prey. Whether you are an individual or a cooperate entity, you need to protect data transmitted over the Internet.
The problem of the IT or software business in Nigeria is that people are afraid of trying local products because they believe more in foreign products. For instance, if you have a laptop and then there is a Nigerian programmer or a brand that produces a program that can replace Microsoft Office, if you just got a computer now, I don’t think you are going to install that program. I am going to install Microsoft Office first because it’s popular and has reputation. There are lots of things tied to Microsoft Office and you can always do a lot of things because they do upgrades almost for free. Or you don’t want to get a license you can just get a free pirated copy and still use it for free. People believe more in foreign software and that’s a big problem for the Nigerian software market. People out there don’t know that we can actually create this solution or even better solutions tailored to your specific needs, within time and budget. The thing with programming is that you can tell me how you want it to work and I’ll just write a language. Software is a written instruction that tells the computer what to do and how to do it. So, if a programmer can write the language of a computer, that means you just need to tell the programmer what you need, and they will produce that same result or an even better result for you than the already made products out there. If we can overcome this issue or this lack of trust in our local products, I believe the Nigerian market is going to shoot to the sky. Because, five years from now, there will be a lot of things that will be obsolete, a lot of things that will go out of use, a lot of things will be useless. Where is NITEL right now? A few years back, NITEL was hot cake but right now if you don’t have a smartphone, you’re in the 15th century. So, basically, the country and the citizens need to understand and just give local developers a try.
If I tell you how many situations I have been in, it’s unbelievable. Having my tools on my laptop alone and walking out on the street at night, maybe when I close from work and the police happen to check those tools, trust me they don’t want to know if you are an ethical hacker or a pastor hacker. They conclude you are a fraudster. They tag you “Yahoo Boy” instantly.
I am an ethical hacker, this is what I do and this is how I do it. In fact, I think I wrote an official letter to a police command letting them know that this is what I do. These are the challenges ethical hackers face. It’s not really the fault of our security agents because there are lots of people that even when they have decided to be ethical hackers, they end up converting and do malicious things that harm people. What I was trying to say earlier about ethical hacking, you don’t have to wait to meet an ethical hacker, you don’t have to wait for a situation. There are tools out there that hackers use every day. For Instance, a hacker will just wake up from bed, go to his computer and type a keyword. The keyword maybe a name, say, John, and just launch. In five days, 10 days, what he launched is still running and extracting everything that has to do with John in that region continuously. You can make a lot of mistakes by typing your ATM PIN or a purchase through an unsecure WIFI or Internet sources or sometimes leave digital footprints. Something you would have done few months back like purchase can end up affecting you right now because then your details were captured among thousands of other people that the hacker captured with a simple tool they are using to search. You can just receive a debit alert on your phone and not know where it came from. You will be there struggling with people around you at that time, not knowing it happened a long time ago. There are lots of errors we make with our devices. What an organization should do is to get the service of a cybersecurity company to try and penetrate into their system, which is called penetration test. When you run penetration test on your system, what you discover will be unbelievable. You will find out if hackers were to capture your website or IP, and you become a target, these are the things they could do to you.
There are situations where a hacker could log into your bank accounts without the need for your password or your PIN to make a transaction as you and you will be debited. You gave the hacker access yourself by writing it out to the hacker. How? By allowing applications to have access to sensitive data on your device, which you might have done previously, and lucky for the hacker to get you that moment. That is why it is advisable to always update your PIN at least a month or two. You can keep doing it as a circle by repeating it; but sticking to a password or a PIN for a very long time is a very bad idea. I am talking from experience as an ethical hacker and there a lot of things we know that other hackers do. When we are being consulted by companies or organizations to run ethical hacking or penetration test for them, in some cases, we are able to access customers’ data and some companies are responsible for leaking a customer’s data unknowingly because you can register on a website that you see that request you to register for something where you input your details like your email, name, and date of birth. You have given your profile to that organization but are you sure they can secure your data? That is why organizations need to take out time to get a consultant to run a penetration test on their systems. Ethical hacking is something that we need to look into extensively.
I think Nigeria has already been in cyber war. In fact, the war is still going on. What do you call Yahoo-Yahoo right now? That’s cyber war, right? That has been the trend. What people don’t know is that we are actually the ones giving access to people. Imagine you getting a call to tell someone your PIN over the phone. The person telling you he is from the bank, which you should know that your bank will never call you with a customized phone number as the bank will stick to their key number. Or let’s say your account officer called you directly, which you shouldn’t still give out your details. Your account officer would already have all this information, he wouldn’t need to call you for that. I feel that Nigeria is already going through that, and that is why I advise organizations companies to seek ethical hackers, licensed and verified ethical hackers, because you could end up getting a problem into your house in the first place. Get a verified ethical hacker that you know about or you can search about them on the Internet. Find out about all their services. Try them out and seal up security holes in your systems or server and then you can avoid getting involved in a cyber war. The same thing goes for individuals. What you share on your social media. They can pick a trend from what you always talk about. When you want to pick a password, you will definitely pick a word you remember. For instance, your social media you are always shouting major in everything, if the hacker wants to think of a way to get your password. The first thing that he will think of is your date of birth, which you have published on social media, or your birthday mixed up with the most popular phrase you use. Those things can easily be hacked.
One more thing is, when you are choosing a password, when you use numbers and alphabets together, you are a little bit secured. When you use number, alphabet and symbol then you are secured. It will take a hacker a very long time to hack you. Before he is done trying to hack you, you have changed your password again so it will be like an infinite look for the person or for the system they are using to try to hack you. It is always wise to secure your password for the mixtures of alphabets, characters and symbols. Mix them up as much as you can. Twist them around because hackers have a tool. They call it dictionary attack, with a dictionary attack or a program called kindly givers spacers. There is an operating system designed for hackers, but it is for ethical hackers and we ethical hackers use that as penetration testing environment to test how a hacker would have done it.