Adeyemi Matthew
The National Information Technology Development Agency
(NITDA), through its Computer Emergency Readiness and Response Team, said it
has detected activities of a hacktivist group targeting our vital digital
infrastructure.
NITDA said the hacktivist group, known for its politically
and religiously motivated cyber campaigns, poses a significant risk to the
country’s critical information infrastructure.
A statement by the Head, Corporate Affairs and External
Relations of NITDA, Mrs. Hadiza Umar said “Their tactics include targeted
attacks on government digital services, using various attack types,
particularly DDoS attack, and they have a track record of successful attacks in
various countries”.
NITDA, however, alerted the general public to be wary of the
occurrence of these attacks which it said underscores the undeniable and
concerning fact that cyber-attacks are not a distant threat but rather a
looming danger that resides much closer than one may have previously acknowledged.
“This realisation compels us to recognize the urgency of
reinforcing our cyber front, fortifying our digital defences to shield against
these malicious intrusions and secure the safety of our critical information
and infrastructure.
“The consequences of such cyber-attacks are always severe
and may have wide-ranging impacts which include: Disruption of Critical
Services, Economic Losses, as well as Public Trust and Reputation Loss.
“To guide against attacks targeted towards Government Institutions
and other critical sectors, the National Information Technology Development
Agency’s Computer Emergency Readiness and Response Team (NITDA-CERRT) seek to
advise all Ministries, Departments, and Agencies, including other providers of
critical services in the country to ensure the implementation of measures to
prevent against DDOS attacks.
NITDA urged MDAs, and other providers of critical services,
to deploy DDoS Monitoring systems to watch out for signs of DDoS attacks.
NITDA also asked the concerned organisations to consider
“minimizing the attack surface area thereby limiting the options for attackers
and allowing you to build protections in a single place. E.g. obscuring the
target, and closing unused ports and protocols, hence minimizing possible
points of attack.
“Implementing or subscribing to DDoS protection features,
applications or services to fortify your cyber defences against disruptive DDoS
attacks. e.g. rate limiting, load balancing, traffic filtering, Content
Delivery Networks (CDN), Web application Firewalls, etc.
“Ensuring that hosting providers offer abundant redundant
Internet connectivity, enabling systems to manage significant volumes of
traffic effectively.
“Configuring network hardware such as firewall or router to
drop incoming ICMP packets or block DNS responses from outside the network (by
blocking UDP port 53)”.
0 comments:
Post a Comment