The National Information Technology Development Agency (NITDA) being an Agency under the Federal Ministry of Communications, created in April 2001 to implement the Nigerian Information Technology Policy and coordinate general IT development and regulation in the country, sent an alert to the Nigerian public on the Ransomware Attacks. In addition, to advising government on how to enhance the security of the nation, NITDA works with critical stakeholders to come up with ways in which the Nigerian cyberspace can be adequately protected. Nigerians are called to support the Agency by doing their best at protecting themselves as well as the information and systems under their care.
On the 13th of May, 2017, The Management of National Information Technology Development Agency (NITDA), headed by Dr. Isa Ali Ibrahim Pantami, Director General/CEO, brought to the attention of Nigerians, the recent cyber-attack that was affecting computers across the world – the ransomeware attack. This attack, known as “WannaCry” or “WannaCrypt”, spreads by itself between computers and does not require human interaction. It restricts access to the affected system as well as demanding for payment of a ransom. As of that date, it was reported that the attack, had affected over 150 countries and 200,000 machines.
The ransomware attack was reported as exploiting vulnerabilities in the Microsoft Windows Operating System, especially those not currently supported such as Windows XP, Windows 8 and Windows Server 2003. Microsoft released a patch for the vulnerability in March and machines that were updated with the patch would have been automatically protected.
For infected systems, remedies were outlined to prevent further spread and the recommended line of actions were:
● Remove the system from Network;
● Do not use flash/pen drive, external drives on the System to copy files to other systems;
● Format the System completely and get fresh OS copy installed; and
● Contact NITDA Computer Emergency Readiness and Response Team (CERRT) for assistance. They can be reached via telephone on 0800-9988-7766-5544 or e-mail: firstname.lastname@example.org.
Individuals and organisations were advised to:
● Regularly update their operating systems with the latest patches;
● Regularly update their software applications with latest patches;
● Avoid downloading and opening unsolicited files and attachments;
● Adjust security software to scan compressed or archived files; and
● Avoid indiscriminate use wireless connections, such as Bluetooth or infrared ports.