The National Information Technology Development Agency (NITDA) has released an official alert to warn Nigerians, particularly (ministries, departments and agencies (MDAs) on the Ransomeware cyber-attack that is affecting computers across the world.
“This Ransomeware, known as “WannaCry” or “WannaCrypt”, spreads by itself between computers and does not require human interaction. It restricts access to the affected system as well as demanding for the payment of ransom. This attack, according to reports, has so far affected over 99 countries and 100,000 machines,” the IT agency warned stakeholders at the weekend in an official statement signed by the Director-General/CEO of NITDA, Dr Isa Ali Ibrahim Pantami to underscore the seriousness accorded the issue by Nigeria’s IT clearinghouse.
The ransomware attack exploited vulnerabilities in the Microsoft Windows Operating System, especially those not currently supported such as Windows XP, Windows 8 and Windows Server 2003. Microsoft released a patch for the vulnerability in March and machines that were updated with the patch would have been automatically protected.
Furthermore, should your system be infected by ransomware, isolate the system from your network to prevent the threat from further spreading. In addition, the following actions can be taken immediately:
• Remove the system from Network;
• Do not use flash/pen drive, external drives on the System to copy files to other systems;
• Format the System completely and get fresh OS copy installed; and
• Contact NITDA Computer Emergency Readiness and Response Team (CERRT) for assistance. They can be reached via telephone on +2348023275039 or e-mail: firstname.lastname@example.org.
As a general precautionary measure and as the security of systems is our collective responsibility, we would like to recommend that Individuals and organisations should:
• Regularly update their operating systems with the latest patches;
• Regularly update their software applications with latest patches;
• Avoid downloading and opening unsolicited files and attachments;
• Adjust security software to scan compressed or archived files; and
• Avoid indiscriminate use wireless connections, such as Bluetooth or infrared ports.
The NITDA as government’s IT clearinghouse operates as an agency under the Federal Ministry of Communications. It was created by an Act of Parliament in April 2001 to implement the Nigerian Information Technology Policy and co-ordinate general IT development and regulation in the country. The agency has the primal responsibility to advise government on how to enhance the IT security of the nation.
“NITDA is working with critical stakeholders to come up with ways in which the Nigerian cyberspace can be adequately protected. We therefore call on all Nigerians to support the Agency by doing their best at protecting themselves as well as the information and systems under their care,” said Pantami in the official statement.
Ajijola, Commissioner at GCSC, on quick steps against Ransomware
Meanwhile, Abuja based cybersecurity expert, Mr. Abdul-Hakeem Ajijola has also posted warnings on the Ransomware asking that system owners take urgent steps to guide against being infiltrated. Ajijola, a Commissioner of the Global Commission on the Stability of Cyberspace (GCSC), posted in the following the Whatsapp group thus:
This is to bring to your urgent attention a global cyber-attack that, as at this moment, has recorded over 75,000 victims and spread to 99 countries. The malware being spread is a Ransomware. For some of us who may not know what this is, this is a type of malware that, once executed, encrypts all your files and demands the payment of a ransom before they can be decrypted.
What we know so far
The Ransomware has been dubbed WannaCry, aka WanaCryp0r, aka WCry. The malware is believed to be among a cache of powerful hacking tools stolen from the NSA sometime in August last year. The attack has spread across Europe, Asia, North and South America, and some parts of Africa (Northern and Southern Africa)
Currently, the most common mode of delivery is via email. As a result, WE IMPLORE EVERYONE TO AVOID OPENING ATTACHMENTS OR CLICKING ON LINKS IN SUSPICIOUS EMAILS, OR EMAILS FROM THOSE WHO THEY DO NOT KNOW OR AREN’T EXPECTING AN EMAIL FROM. USERS SHOULD ALSO AVOID SUSPICIOUS WEBSITES.
How it works
The malware exploits a known windows vulnerability, thereby bypassing traditional anti-virus protection and granting the malware full administrative rights over the victim’s computer. From this point, it starts to encrypt all the user’s files. Once it’s done, it locks the victim out of their computer and demands a ransom to be paid in Bitcoins.
How we can protect ourselves
As mentioned earlier, be cautious about the email attachments you open or the sites you visit. As a rule of thumb you should not open attachments or click on links that are in emails from:
People you do not know or People you know, but aren’t expecting an attachment/link from, call them to confirm etc.Emails that have a sense of urgency. eg. DO NOT “click on this link to avoid losing access to your account…” etc. We should be guided by common sense in this regard
Install the Microsoft fix—MS17-010 Now!
People who have yet to install the Microsoft fix—MS17-010—should do so right away. People should also be extremely suspicious of all e-mails they receive, particularly those that ask the recipient to open attached documents or click on Web links.
If you aren’t infected yet, please run your Windows updates now
Download the MSU files below: