The management of National Information Technology Development Agency (NITDA) would like to bring to the attention of Nigerians on another deadly cyber-attack, similar to the recent ‘WannaCry’ attack. This attack, called ‘Petya’ ransomware or ‘GoldenEye’, not only encrypts files but also encrypts hard drives, rendering entire computer system inaccessible.
The attack has paralysed businesses across the world and is spreading quickly with reports indicating that countries affected so far include Ukraine, Denmark, Russia, the UK, Germany, France, Italy, Poland and the USA. The malware is spreading using a vulnerability in Microsoft Windows that was patched in March 2017 — the same bug that was exploited by the WannaCry ransomware.
While our CERRT team are working round the clock along with other stakeholders to come up with effective defence mechanism for the Nigerian cyberspace, we are calling on Network Administrators in the public and private sectors as well as individuals to take the following measures recommended during the recent WannaCry attack:
• isolate the system from your network to prevent the threat from further spreading;
• remove the system from Network; and
• do not use flash/pen drive, external drives on the System to copy files to other systems.
As a general precautionary measure and as the security of systems is our collective responsibility, we would like to recommend that individuals and organisations should:
• regularly update their operating systems with the latest patches;
• regularly update their software applications with latest patches;
• turnoff unnecessary/unneeded features;
• avoid downloading and opening unsolicited files and attachments;
• adjust security software to scan compressed or archived files; and
• avoid indiscriminate use wireless connections, such as Bluetooth or infrared ports.
The National Information Technology Development Agency (NITDA) is an Agency under the Federal Ministry of Communications. The Agency was created in April 2001 to implement the Nigerian Information Technology Policy and co-ordinate general IT development and regulation in the country. Specifically, Section 6(j) of the Act mandates NITDA to advise the Government on ways of promoting the development of information technology in Nigeria including introducing appropriate information technology legislations and ways of enhancing national security and the vibrancy of the industry.
We therefore call on all citizens, especially critical stakeholders in the IT industry, to support NITDA in this onerous task by always following best practices as well as being proactive in the way information and systems are handled. These will help in minimizing risks of attacks as well as possible loss of vital information.