NITDA ISSUES GUIDANCE ON COMBATING CYBER SECURITY THREATS
The management of the National Information Technology Development Agency (NITDA) would like to bring to the attention of Ministries, Departments and Agencies (MDAs), other government establishments, the organised private sector and the general public of potential cyber-attacks likely to be experienced this year as well as the precautionary measures to be taken.
The Agency’s Computer Emergency Readiness and Response Team (CERRT), in conjunction with other industry stakeholders, in their efforts at ensuring a safe and secure cyberspace, have intercepted some signals of potential cyber-attacks targeting banking, health and other systems, power and transportation systems, as well as other critical national infrastructure. In this regard, the need for all to be vigilant and proactive as far as security is concerned cannot be overemphasized. We therefore recommend the following precautionary measures:
- efforts should be intensified at ensuring that any data is encrypted, particularly any sensitive or personal data;
- ensure that networks are fully secure through the use of wired network
thereby protecting them from possible hackers’ attempt at using Wi-Fi security lapses to remotely break into computer systems;
- where Wi-Fi network is used, ensure that an up to date encryption standard is in use and turn off the service set identifier (SSID) broadcasting function on the wireless router if it is not needed;
- ensure that free Wi-Fi connections as well as other wireless connections such as Bluetooth or infrared ports are not used unless where necessary;
- ensure that operating systems and other software applications are regularly updated with the latest patches;
- ensure that anti-malware protection is installed on all IT systems as this will help in protecting your organisation’s network from potential attacks through virus-laden software and email attachments. Also, all security software should be adjusted to scan compressed or archived files;
- ensure that appropriate guidelines are in place for connecting personal devices into the organisation’s network;
- ensure the use of credential vaults and multi-factor authentication instead of user passwords;
- ensure that the organisation’s data and critical files are regularly backed up; and
- ensure that there is an organisation-wide enlightenment campaign, awareness and measures put in place to deal with cyber security threats as well as the procedures they must always follow when using their workstations.
NITDA is working with all critical stakeholders to come up with effective ways of adequately protecting the Nigerian cyberspace. We therefore call on all Nigerians to support the Agency by doing their best at protecting themselves as well as the information and systems under their care.
The National Information Technology Development Agency (NITDA) is an Agency under the Federal Government of Nigeria. The Agency was created in April 2001 to implement the Nigerian Information Technology Policy and co-ordinate general IT development and regulation in the country. Specifically, Section 6(a, c & j) of the Act mandates NITDA to create a framework for the planning, research, development, standardization, application, coordination, monitoring, evaluation and regulation of Information Technology practices, activities and systems in Nigeria; and render advisory services in all information technology matters to the public and private sectors including introducing appropriate information technology legislations and ways of enhancing national security and the vibrancy of the industry.
Dr Isa Ali Ibrahim Pantami, FBCS
National Information Technology Development Agency (NITDA)
Corporate Headquarters, Abuja
29th January, 2018