Rwanda Information Society Authority (RISA) issues stringent measures all aimed at enhancing the country’s cyber security capacity.
The move comes following the alert over an outbreak of a security attack that has affected over 150 countries.
The attack has been described as ransomeware, diagnosis bearing different variations like WannaCrypt, WannaCry, WannaCryptor or Wcrya.
It mostly affects computers that run Microsoft Operating Systems, by automatically encrypting the files and blocking the user‘s access to the entire system.
RISA has therefore aligned a set of actions to ensure lasting national prevention and protection to both individuals and organisations.
Users are required to maintain daily backups of critical data including application, databases, mails systems, and user’s files. Backups should be regularly tested for data restoration.
All computers should be installed with latest security updates (specifically including MS17-010. Patch)
Until the security patch is applied, the Server Message Block v1 (SMB v1) should be disabled on all computers.
The LAN perimeter firewall should be configured with a rule to block all incoming SMB traffic on port 445.
All computers should be upgraded to Windows 10 to benefit from the latest protection from Microsoft. The Windows Defender Antivirus, which can detect the above malware, should also be enabled on all Windows systems.
Ensure your Antivirus signatures are up to date as major vendors are all working to deliver updated signatures to detect/ prevent this.
All users have been advised not to open any suspicious email especially one that have an attachment, furthermore all users are advised not to download any files that they are not sure of the source.
“In case of any compromise or attack, RISA advises that the affected computer/PC must be removed from the network and the incident must also be reported to Rwanda Computer Security Incident Response team with immediate effect. (Hotline 4045/ Email: firstname.lastname@example.org)” reads part of the statement from RISA.
“We reaffirm our commitment to address the threat to cyber security and encourage the public to fully collaborate in order to minimize any negative impact towards the achievement of this objective.”