The National Information Technology Development Agency (NITDA), through its Computer Emergency Readiness and Response Team, has detected activities of a hacktivist group targeting the country’s vital digital infrastructure.
In a statement by the agency, the hacktivist group, known for its politically and religiously motivated cyber campaigns, poses a significant risk to our critical information infrastructure.
“Their tactics include targeted attacks on government digital services, using various attack types, particularly distributed denial-of-service (DDoS) attacks, and they have a track record of successful attacks in various countries,” it said.
NITDA urges the general public to be wary of the occurrence of these attacks which underscores the undeniable and concerning fact that cyber-attacks are not a distant threat but rather a looming danger that resides much closer to us.
According to the agency, the consequences of such cyber-attacks are always severe and may have wide-ranging impacts which include: Disruption of Critical Services, Economic Loss, as well as Public Trust and Reputation Loss, the agency said.
To guide against attacks targeted toward Government Institutions and other critical sectors, the National Information Technology Development Agency’s Computer Emergency Readiness and Response Team (NITDA-CERRT) advises all government institutions and critical service providers to safeguard against DDOS attacks by deploying monitoring systems to detect signs of such threats, such as: Deploying DDoS Monitoring systems to watch out for signs of DDoS attacks.
Minimising the attack surface area thereby limiting the options for attackers and allowing you to build protections in a single place. E.g. obscuring the target, closing unused ports and protocols, hence minimizing possible points of attack.
Implementing or subscribing to DDoS protection features, applications, or services to fortify your cyber defenses against disruptive DDoS attacks. e.g. rate limiting, load balancing, traffic filtering, Content Delivery Network (CDN), Web application Firewalls, etc.
Ensuring that hosting providers offer abundant redundant Internet connectivity, enabling systems to manage significant volumes of traffic effectively.
Configuring network hardware such as a firewall or router to drop incoming ICMP packets or block DNS responses from outside the network (by blocking UDP port 53).
Furthermore, the enhancement of all critical national infrastructure such as financial services providers, telecommunications providers, and relevant government service providers should ensure cyber security readiness and resilience by implementing necessary cyber security measures to safeguard against potential attacks, the statement reads.