By Gift Samuel
Abuja-Following the recent outbreak of the Ransomware Virus “WannaCry”,the Nigerian Communications Commission (NCC) has advised Mobile Network Operators (MNOs) to initiate regular assessment and audit of their cybersecurity readiness.
The management of the NCC which disclosed this in a statement on Tuesday in fulfilment of its statutory mandate to assure the security and integrity of the national telecommunications network, stressed that the situation demands that proactive measures be taken by all players in the telecommunication eco-system to forestall the hazards of critical data loss, financial losses and ultimately network/business disruption.
According to NCC,”The Ransomware is capable of infecting and encrypting all files on a system or any smart device until an amount is paid for a decryption key, or other means of retrieval (which may lead to data loss) are used to recover the system as an alternative”.
The Commission further advised that the following protective measures be taken, amongst others, “To obtain software patch released by Microsoft in March 2017 to fix the Ransomware Virus; To plan scheduled penetration tests on the networks and systems to ensure protection and availability at all times.
“Also, subscribers who use their smartphones as substitutes to computers for internet access should protect themselves and their devices by:Not opening e-mail attachments/links from unknown sources; Not clicking pop-ups and applets on unknown websites and installing effective antivirus software for their mobile devices”.
Furthermore, the NCC said it has taken proactive measures in fulfilling its statutory mandate as it urged all operators to continue to ensure that their backup/ disaster recovery strategies are in place and up to date and to ensure continued deployment of effective firewalls, login passwords and antivirus management regime.
The Commission further declared that it is working towards creating a link with the Cybersecurity Alert System on its website so that current information on global cyber threats/incidents could be immediately communicated to stakeholders, adding that it will continue to provide more cybersecurity training for its staff.