The National Information Technology Development Agency (NITDA), through its Computer Emergency Readiness and Response Team, has detected and warned of activities of a hacktivist group targeting vital digital infrastructure.
NITDA said on Wednesday in a statement that the hacktivist group, known for its politically and religiously motivated cyber campaigns, poses a significant risk to the country’s critical information infrastructure.
“Their tactics include targeted attacks on government digital services, using various attack types, particularly DDoS attacks, and they have a track record of successful attacks in various countries,” NITDA stated.
NITDA has consequently alerted the general public to be wary of the occurrence of these attacks which underscores the undeniable and concerning fact that cyber-attacks are not a distant threat but rather a looming danger that resides much closer to the people than may have previously been acknowledged.
“This realization compels us to recognize the urgency of reinforcing our cyber front, fortifying our digital defenses to shield against these malicious intrusions and secure the safety of our critical information and infrastructure.
“The consequences of such cyber-attacks are always severe and may have wide-ranging impacts which include Disruption of Critical Services, Economic Losses, as well as Public Trust and Reputation Loss,” NITDA noted in the statement.
To guide against attacks targeted towards Government Institutions and other critical sectors, the National Information Technology Development Agency’s Computer Emergency Readiness and Response Team (NITDA-CERRT) is advising all Ministries, Departments, and Agencies, including other providers of critical services in the country to ensure the implementation of measures to prevent against DDOS attacks.
It listed such measures aimed at preventing DDOS attacks to include deploying DDoS Monitoring systems to watch out for signs of DDoS attacks; and minimising the attack surface area thereby limiting the options for attackers and allowing one to build protections in a single place such as obscuring the target, closing unused ports and protocols, hence minimizing possible points of attacks.
Others are implementing or subscribing to DDoS protection features, applications, or services to fortify one’s cyber defenses against disruptive DDoS attacks such as rate limiting, load balancing, traffic filtering, Content Delivery Networks (CDN), Web application Firewalls, etc.
NITDA-CERRT also advised on the need to ensure that hosting providers offer abundant redundant Internet connectivity, enabling systems to manage significant volumes of traffic effectively; as well as configure network hardware such as firewall or router to drop incoming ICMP packets or block DNS responses from outside the network (by blocking UDP port 53).
It further advised on the need for the enhancement of all critical national infrastructure such as financial services providers, telecommunications providers, and relevant government service providers so as to ensure cyber security readiness and resilience by implementing necessary cyber security measures to safeguard against potential attacks.
