Information Security Society of Africa-Nigeria (ISSAN) has urged Nigerians to avoid making any payment to cyber attackers in the light of any Ransomware attacks against them.
At the ISSAN and Microsoft Nigeria Cybersecurity Summit 2017 held recently in Lagos, President of ISSAN, David Isiavwe cautioned Nigerians not to pay for any Ransomware attacks. According to Isiavwe, payment could be more deadly as it could give room for further attacks.
“ISSAN will continue to sensitize the public about the dangers of cybercrime and the likes. However, it is important to stress that people should not open a mail you don’t know the source.
For instance, you didn’t order for a product from overseas and there was a mail that your order is on the way, urging you to send some information by opening a particular mail, please don’t! It is also important that you back up all your files and data whether on the phones, laptops and desktops. This strategy will guarantee you still having access to your files if there was an attack.
“It is also very important that you don’t make any ransom payment if the attackers demand for it. If you pay, they may not return your files and they could even unleash more malwares on you. So if nobody is paying, the attacks will reduce.”
In the same view, Signal Alliance and Weco Systems have alerted Nigerians of the attack. Signal Alliance, a Microsoft enterprise partner in Nigeria advised its clients and key users of Windows applications across the country of the unprecedented cyber-attacks being experienced by many businesses and public sector organizations locally and globally, as a result of the ransomware.
Speaking on the advisory, Technology Lead on Security in Signal Alliance, Kelechi Agu, said: “as soon as we became aware of the unprecedented spread of the Ransomware attack, which was hitting tens of thousands of businesses worldwide, including the entire British Healthcare sector. We immediately gave our clients a breakdown on what we know about the malware responsible for the encryption attacks, and what they can do to stop it.”
From Weco’s perspective, the firm explained that on devices, the malware takes control of targeted systems and then has the capability to scan heavily over TCP port 445 Server Message Block (SMB), spreading in a fashion similar to a worm, compromising hosts, encrypting files stored on them and then demanding a ransom payment in the form of Bitcoin.
Unfortunately, Weco Systems noted that buying a security product wouldn’t solve this problem or other emerging cyber security threats. According to it, organizations need to adopt a bottom-up approach to cyber security. All they need is to implement network security best practices, as reports reveal that companies that had good security practices and architecture in place were not hit by this malware.