Rwanda is warning computer users to take precautions not to lose their gadgets and data following an outbreak of a security attack that has affected over 150 countries and may not spare the country.
A communiqué that has been released by Rwanda information Society Authority (RSA) advises the public on behaviors to adopt.
Rwanda Information Society Authority (RISA) today pledged stronger cooperation with the public in enhancing cyber security for all computers in Rwanda. This comes after the alert over an outbreak of a security attack that has affected over 150 countries.
The cyber security attack is known as ransomeware, bearing different variations like WannaCrypt, WannaCry, WannaCryptor or Wcrya. It is also important to bring to your attention that the cyber-attack mostly affects computers that run Microsoft Operating Systems, by automatically encrypting the files and blocking the user‘s access to the entire system.
Over the last decade Rwanda’s strong growth through ICT promotion has brought untold opportunities and prosperity in the country. And as we globally face this challenge in cyber security, as a country we strongly believe that an integrated strategy to ensure effective regulation to our cyber security is significant at this point.
Rwanda Information Society Authority (RISA) has therefore aligned a set of actions to ensure lasting national prevention and protection as specified below:
1. Users are required to maintain daily backups of critical data including application, databases, mails systems, and user’s files. Backups should be regularly tested for data restoration.
2. All computers should be installed with latest security updates (specifically including MS17-010. Patch)
3. Until the security patch is applied, the Server Message Block v1 (SMB v1) should be disabled on all computers. (Refer to the following link: https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-distable-smbv1-smbv2,-andsmbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,windows-8,-and-windows-server-2012)
4. The LAN perimeter firewall should be configured with a rule to block all incoming SMB traffic on port 445.
5. All computers should be upgraded to Windows 10 to benefit from the latest protection from Microsoft. The Windows Defender Antivirus, which can detect the above malware, should also be enabled on all Windows systems.
6. Ensure your Antivirus signatures are up to date as major vendors are all working to deliver updated signatures to detect/ prevent this.
7. All users are advised not to open any suspicious email especially one that have an attachment, furthermore all users are advised not to download any files that they are not sure of the source.
We are taking comprehensive action to strengthen our information and communications technology sector countrywide. However, in case of any compromise or attack, RISA advises that the affected computer/PC must be removed from the network and the incident must also be reported to Rwanda Computer Security Incident Response team with immediate effect. (Hotline 4045/ Email: email@example.com)
We reaffirm our commitment to address the threat to cyber security and encourage the public to fully collaborate in order to minimize any negative impact towards the achievement of this objective.
For further information please send an email to: firstname.lastname@example.org