Ransomware: New bug threatening global cyber security
As the world was still recovering from the biggest cyber attack in history, thinking the worst was over, there came another bombshell: WannaCry ransomware, which infected more than 230,000 computers in 150 countries, suddenly rebooted!
This sent jitters down the spine of many across the globe last week. The report had it that the WannaCry ransomware was halted by a security analyst who discovered a kill switch. But the deadly virus was said to have been updated without the kill switch, allowing it to spread like harmattan bush fire.
And apart from businesses, institutions and governments; individuals were said to be equally at risk. In fact, more worrisome was the realisation that Nigeria was one of the countries where the aborted attack was directed. And nobody could accurately predict what would happen next.
Commenting on this, the Executive Director, Centre for Cyber Awareness and Development, Dr Bayero Agabi, disclosed that the system kidnapping could berth in Nigeria, warning that the private sector, that use heavy technology and are always online, like the banks and oil companies, could be its host.
He added: “Most of the things that government do online are still a bit restricted. We still do not have an interface that can be called interface to government and people relationship being transacted online.
“Most often, government rely more on paperwork. Be that as it may, the essence of what cybersecurity can do to us as a people, organisation and even as a nation. The war has moved to the cyberspace and the fourth world war is now in the cyberspace, the reason being that both our transactions, our thought and the Internet of Everything (IoE) have gone to the cyberspace. So, how do we manage our activities, identities and as a people; as a nation on the cyberspace? I think, this has called Nigeria and Africa to question. How do you exist in cyberspace to the extent of being well protected, thrive properly on the cyberspace without issue? If you take a look at that,we have to start looking at our cybersecurity laws and how we practise on the cyberspace. “The cyber irresponsibility that we see today on the Nigeria cybersphere should be cleaned up and put quality implementation. The agencies like the office of the National Security Adviser, National Information Technology Development Agency (NITDA) and the Nigerian Communications Commission (NCC) responsible for policies implementation , cybersecurity and broadband should come together now. I also know that the greatest undoing that we also have as a nation is that, after a while, we forget about the attack and move on until it hits us at the bone. Broadband policy, broadband commission should be set up and the essence of all of that is to ensure that we have good broadband. When we have a good broadband, both broadcast in audio, video and all our innovation will go cyber and threat will begin to come. Another thing that we have to take care of is skills to fight cyberattack. We should discard paper qualification, we don’t need 35 and 40 years to manage cyberspace. Some of these virus are actually triggered by younger people in their teens with the aid of artificial intelligence (AI). But in Nigeria, we believe that these set of teenagers are not qualified enough, we need to review our educational system and see what people can do with thier skills.Now, we should begin to up our skills and knowledge in readiness to fight cyber attack in the cyberspace”.
To be forewarned, they say, is to be forearmed. To ward off future attack, the Nigerian Communications Commission (NCC) had to come up with protective measures for smart phone users, among others. According to the regulator, “subscribers who use their smartphones as substitutes to computers for internet access should protect themselves and their devices by not opening e-mail attachments/links from unknown sources; Not clicking pop-ups and applets on unknown websites and installing effective antivirus software for their mobile devices.”
In a statement on Tuesday, NCC said it released the guidelines in fulfilment of its statutory mandate to ensure the security and integrity of the national telecommunications network.
Other measures, for computer users, are as follows:
Obtaining software patch released by Microsoft in March 2017 to fix the Ransomware Virus; Planning scheduled penetration tests on the networks and systems to ensure protection and availability at all times; Planning scheduled penetration tests on the networks and systems to ensure protection and availability at all times. The commission also listed some of the actions it had taken to protect telecommunications networks and their subscribers.
“The commission has advised Mobile Network Operators (MNOs) to initiate regular assessment and audit of their cybersecurity readiness. All operators should continue to ensure that their backup/ disaster recovery strategies are in place and up to date,” the statement read.
The commission has further advised all operators to ensure continued deployment of effective firewalls, login passwords and antivirus management regime.
“The commission is working towards creating a link with the Cybersecurity Alert System on its website so that current information on global cyber threats/incidents could be immediately communicated to stakeholders.”
On measures put together to protect the nation’s financial system, the Chairman of the Nigeria Electronic Fraud Forum (NeFF), Mr Dipo Fatokun, said:
“We are responding to this issue, not as an industry, but as a country. We have issued various advisories to the banks, in addition to the country advisory issued by the Office of the National Security Adviser. We, therefore, still enjoin any organization or individual who has been attacked to report by sending a mail to “mailto:firstname.lastname@example.org” email@example.com”
On how fortified are the banks, he explained that banks continue to remain strong and resolute to attacks like this. “Before this particular incident, Nigerian banks have responded to the possibility of this risk crystalizing through a combination of technology, supervision and risk identification measures. Using technology, we have adopted more efficient processes, cost effective controls and addressed the human factor through staff and customer awareness.”
Fatokun, who is also the Director, Banks and Payment Systems Department of the Central Bank of Nigeria (CBN), also explained that the apex bank is proactive in taming cyberfraud in the country.
“On the supervision side, through the IT Standards Council, we have identified appropriate standards that are required for adoption and have prioritized them as such.
“Reviews are carried out periodically by CBN in order to ensure compliance and capacity building programs have been instituted to improve the cyber-security skill level of our manpower.”
Also, the Executive Vice Chairman of the NCC, Prof Umar Danbatta, said the Commission has taken adequate measures, in fulfilling its statutory mandate, to advise Mobile Network Operators (MNOs) to initiate regular assessment and audit of their cybersecurity readiness.
He stated: “All operators should continue to ensure that their backup/ disaster recovery strategies are in place and up to date. And ensure continued deployment of effective firewalls, login passwords and antivirus management regime”.
He added that the Commission was working towards creating a link with the Cybersecurity Alert System on its website so that current information on global cyber threats/incidents could be immediately communicated to stakeholders and will continue to provide more cybersecurity training for its staff.
Also commenting, Research/Development Unit of Yudala proffers measure to guard against Wannacry. Here are them:
“Update Windows as a matter of urgency: WannaCry targets a Windows operating system flaw in older versions that have not been patched. If your system runs on one of the newer versions of Windows and you have kept up with automatic updates, you can protect yourself by updating your computer immediately with the software patch released in March 2017.
“Invest in a ransomware blocker: The WannaCry attack is indeed an eye-opener to the growing global scourge of Ransomware – described in an earlier research piece as an increasingly popular mode of attack where attackers encrypt data taken from the victim and in return for decrypting the data, they ask for an acceptable amount from the victim as ransom. These victims include individuals, small or medium-sized enterprises (SMEs) and large corporates.
Most anti-virus software hardly offers any protection against ransomware, especially if you are using the outdated version of the anti-virus. In view of the increasing prevalence of these attacks and if your checks reveal you are not protected, perhaps now is the time to consider investing in a dedicated ransomware blocker. Before purchasing one, please check out the features and cost. There are also a few free options you can download and install at no cost.
Turn on windows update if currently disabled
Most users can be forgiven for disabling Microsoft Windows’ automatic updates. This is especially considering the annoying tendency for earlier versions to auto-install even when one is in the middle of a pressing work schedule or tight deadline. Thankfully, Microsoft has, to a large extent, fixed that issue with the current version of Windows 10. So, if you currently have automatic updates disabled, please go back to your Control Panel to turn them back on and leave them on.
Stay alert for new strains/mutations
According to research from Heimdal Security, new strains or mutations of the WannaCry ransomware have popped up, with some bearing the name Uiwix. Also, the virulence of the ransomware can be seen from the way it rebounded from the initial attempt to deploy its kill switch. This clearly shows the need to remain on the alert for new strains or mutations. Suspicious links in emails and on websites should be regarded with caution to avoid becoming a victim.
Consider cloud storage and file back-ups
In view of the likelihood of falling prey, there seems no better time to consider cloud storage and other forms of back-ups for your sensitive files and other information. Cloud storage is particularly useful because in the event of an attack, you may be able to recover your affected files by accessing earlier versions of them. Some effective cloud-storage services keep snapshots of all changes made to files in the past 30 days”.