TheCable

The National Information Technology Development Agency (NITDA) has raised alarm over the activities of hackers targeting the country’s critical digital infrastructure.

In a statement on Tuesday, signed by Hadiza Umar, head of corporate affairs and external relations, NITDA, the agency said its computer emergency readiness and response team detected activities of a hacktivist group targeting vital digital infrastructure.

The hacktivist group is said to be known for its politically and religiously motivated cyber campaigns.

According to NITDA, the group’s tactics include targeted attacks on government digital services, using various attack types, particularly distributed denial-of-service (DDoS) attacks, “and they have a track record of successful attacks in various countries”.

“NITDA, hereby, alerts the general public to be wary of the occurrence of these attacks which underscores the undeniable and concerning fact that cyber-attacks are not a distant threat but rather a looming danger that resides much closer to us than we may have previously acknowledged,” the statement reads.

“This realisation compels us to recognise the urgency of reinforcing our cyber front, fortifying our digital defences to shield against these malicious intrusions and secure the safety of our critical information and infrastructure.

“The consequences of such cyberattacks are always severe and may have wide-ranging impacts which includes: disruption of critical services, economic losses, as well as public trust and reputation loss.”

To curb the effect, NITDA advised all ministries, departments, and agencies (MDAs), including other providers of critical services in the country to ensure the implementation of measures to prevent DDOS attacks.

The agency recommended the deployment of DDoS monitoring systems to watch out for signs of DDoS attacks.

This, the government body, would help in minimising the attack surface area, thereby limiting the options for attackers “and allowing you to build protections in a single place. E.g. obscuring the target, closing unused ports and protocols, hence minimising possible points of attacks”.

“Implementing or subscribing to DDoS protection features, applications or services to fortify your cyber defences against disruptive DDoS attacks. e.g. rate limiting, load balancing, traffic filtering. Content delivery network (CDN). Web application firewalls, etc.,” NITDA said.

“Ensuring that hosting providers offer abundant redundant internet connectivity, enabling systems to manage significant volumes of traffic effectively.

“Configuring network hardware such as firewall or router to drop incoming internet control message protocol (ICMP) packets or block domain name system (DNS) responses from outside the network (by blocking UDP port 53).”

The agency further advised that all critical national infrastructure such as financial services providers, telecommunications providers, and relevant government service providers should be enhanced.

NITDA also urged MDAs to be cybersecurity ready and resilient by implementing necessary cybersecurity measures to safeguard against potential attacks.