NCC releases guidelines on preventing cyber-attack

May 16

16:17 2017

Print This Article

The Nigerian Communications Commission (NCC) has listed protective measures needed to guide against cyber-attack which has affected more than 200,000 computers in over 200 countries.

Described by experts as the biggest cyber attack the world has ever seen, the virus locks people out of their computer files until they pay a ransom.

It installs discreetly on a victim’s device, holding his data hostage until the ransom, which is usually in crypto-currency, is paid.

The attack is carried out using tools believed to have been stolen from the US National Security Agency (NSA).

In a statement on Tuesday, NCC said it released the guidelines in fulfilment of its “statutory mandate” to ensure the security and integrity of the national telecommunications network.

The protective measures listed by the commission are:

Obtaining software patch released by Microsoft in March 2017 to fix the Ransomware Virus.
Planning scheduled penetration tests on the networks and systems to ensure protection and availability at all times.
Subscribers who use their smartphones as substitutes to computers for internet access should protect themselves and their devices by: not opening e-mail attachments/links from unknown sources.
Not clicking pop-ups and applets on unknown websites.
Installing effective antivirus software for their mobile devices.

The commission also listed some of the actions it had taken to protect telecommunications networks and their subscribers.

“The commission has advised Mobile Network Operators (MNOs) to initiate regular assessment and audit of their cybersecurity readiness. All operators should continue to ensure that their backup/ disaster recovery strategies are in place and up to date,” the statement read

“The commission has further advised all operators to ensure continued deployment of effective firewalls, login passwords and antivirus management regime.

“The commission is working towards creating a link with the Cybersecurity Alert System on its website so that current information on global cyber threats/incidents could be immediately communicated to stakeholders.”