By Nkechi Isaac,
The National Information Technology Development Agency (NITDA) has raised the alarm over another deadly cyber-attack, similar to the recent ‘WannaCry’ attack, urging Nigeria to take precautionary measures to protect their computer from the attack that has already affected countries like Ukraine, Denmark, Russia, the UK, Germany, France, Italy, Poland and the USA.
A statement by the director general of the agency, Dr Isa Ali Ibrahim Pantami, said the attack, called ‘Petya’ ransomware or ‘GoldenEye’, not only encrypts files but also encrypts hard drives, rendering entire computer system inaccessible.
It said: “The malware is spreading using a vulnerability in Microsoft Windows that was patched in March 2017 — the same bug that was exploited by the WannaCry ransomware.”
The statement stated that while NITDA’s CERRT team are working round the clock along with other stakeholders to come up with effective defence mechanism for the Nigerian cyberspace.
“We are calling on Network Administrators in the public and private sectors as well as individuals to take the following measures recommended during the recent WannaCry attack isolate the system from your network to prevent the threat from further spreading; remove the system from Network; and do not use flash/pen drive, external drives on the System to copy files to other systems.
“As a general precautionary measure and as the security of systems is our collective responsibility, we would like to recommend that individuals and organisations should regularly update their operating systems with the latest patches; regularly update their software applications with latest patches;; turnoff unnecessary/unneeded features; avoid downloading and opening unsolicited files and attachments; adjust security software to scan compressed or archived files; and; avoid indiscriminate use wireless connections, such as Bluetooth or infrared ports.”
It called on all citizens, especially critical stakeholders in the IT industry, to support NITDA in this onerous task by always following best practices as well as being proactive in the way information and systems are handled. These will help in minimizing risks of attacks as well as possible loss of vital information.