•Urges MDAs, others to adopt preventive measures
Oghenevwede Ohwovoriole in Abuja
The National Information Technology Development Agency (NITDA) has raised the alarm over an imminent attack on the nation’s critical digital infrastructure.
It warned that the Distributed Denial of Service (DDOS) attack would be targeted at critical national digital infrastructure.
NITDA’s warning was contained in a press release yesterday, which was signed by the agency’s Head of Corporate Affairs and External Relations, Mrs. Hadiza Umar.
According to the statement, NITDA, through its Computer Emergency Readiness and Response Team had detected activities of a hacktivist group targeting vital digital infrastructure.
The hacktivist group, known for its politically and religiously-motivated cyber campaigns, poses a significant risk to critical information infrastructure, NITDA warned.
According to the agency, their tactics include targeted attacks on government digital services, using various attack types particularly DDoS attack, adding that they have a track record of successful attacks in various countries.
“NITDA hereby alerts the general public to be wary of the occurrence of these attacks which underscores the undeniable and concerning fact that cyber-attacks are not a distant threat but rather a looming danger that resides much closer to us than we may have previously acknowledged.
“This realisation compels us to recognise the urgency of reinforcing our cyber front, fortifying our digital defences to shield against these malicious intrusions and secure the safety of our critical information and infrastructure,” the statement read.
NITDA warned that if not averted, the consequences would be dire, stressing that, “the consequences of such cyber-attacks are always severe and may have wide-ranging impacts.”
These include disruption of critical services, economic losses, as well as public trust and reputation loss.
“To guard against attacks targeted towards government institutions and other critical sectors, the National Information Technology Development Agency’s Computer Emergency Readiness and Response Team (NITDA-CERRT) seeks to advise all Ministries, Departments, and Agencies, including other providers of critical services in the country to ensure the implementation of measures to prevent against DDOS attacks, such as: Deploying DDoS Monitoring systems to watch out for signs of DDoS attacks.”
It also prescribed other measures such as, “minimising the attack surface area thereby limiting the options for attackers and allowing you to build protections in a single place, e.g. obscuring the target, closing unused ports and protocols, hence minimising possible points of attacks, implementing or subscribing to DDoS protection features, applications or services to fortify your cyber defences against disruptive DDoS attacks. e.g. rate limiting, load balancing, traffic filtering, Content Delivery Network (CDN), Web application Firewalls, etc.”
NITDA also urged the potential attack victims to aim at, “ensuring that hosting providers offer abundant redundant Internet connectivity, enabling systems to manage significant volumes of traffic effectively, configuring network hardware such as firewall or router to drop incoming ICMP packets or block DNS responses from outside the network (by blocking UDP port 53).
“Furthermore, enhancement of all critical national infrastructure such as financial services providers, telecommunications providers, and relevant government service providers should ensure cyber security readiness and resilience by implementing necessary cyber security measures to safeguard against potential attacks,” it added.
