@csrf
Police officer

14.04.2024 Featured SPOTTED: Nigeria Police Website for Reporting Cybercrime Is Unsafe

Published 14th Apr, 2024

By Timileyin Akinmoyeje

The Nigeria Police Force’s web portal dedicated to reporting cybercrime is unsafe and violates the guidelines stipulated by the National Information Technology Development Agency (NITDA for government websites, FIJ can report.

When FIJ checked on Saturday, there was no sign of security encryption on the website’s Uniform Resource Locator (URL).

This can be confirmed by the conspicuous absence of the Secure Socket Layer (SSL) in the URL. That is, the portal’s link only has the Hypertext Transfer Protocol (HTTP); it doesn’t have the ‘S’.

READ ALSO: ALERT: XpressVerify, a Private Website, Has Access to Registered Nigerians’ Data and Is Making Money From It

By implication, information submitted, sent or received through this website is not encrypted. Nigerians who use the website may be giving away their personal information to phishers and cybercriminals.

Anyone trying to gain access to the portal will get a prompt from their website browser warning them of potential cyber attacks if they have safety features enabled.

READ ALSO: VIDEO: IBD Dende Threatens to Kill Customs Officer for Seizing His Smuggled Goods

Cloudflare, which provides security services to about 20 percent of internet users, recommends that a website enables the SSL to prevent just anyone from reading server requests and the corresponding responses on a webpage.

But beyond Cloudflare or Google’s recommendation, Section 7.2 of the NITDA Standard and Guidelines for Government Websites mandates all government websites to use technologies like the SSL to encrypt information wherever necessary.

Inactive Phone Numbers and e-mails on the NCS Website Violate NITDA Guidelines

In its guideline documents, NITDA specifically recommends the use of the SSL to ensure that government websites are protected from cybercriminals at all times.

“Government Institutions shall: i. ii. iii. Commit to a continuous process of maintaining the security of Web Servers to ensure continued security. Use authentication and cryptographic technologies as appropriate to protect certain types of sensitive data with differing access privileges. It is recommended that SSL be used for any cryptographic implementation,” the guidelines read.

All attempts to reach the cybercrime unit of the NPF on Saturday proved abortive. FIJ called the designated phone number three times, but none of these calls was answered.

Leave a Reply

Your email address will not be published. Required fields are marked *


Published 14th Apr, 2024

By Timileyin Akinmoyeje

Advertisement

Our Stories

Davido Slams Police With Threats Just Like Persecuted Critics

Emadia Oghale

Investors’ N18.6m Stuck With Emadia Oghale’s Emerald Farms for 2 Years

Want to Read Lagos’ Gambling Laws? Pay N10,000

Igbo, Yoruba and the Illusion of Betrayal

Cybercrime

Witness Narrates Job Search to Chinese-Led Cyberfraud Journey

EFCC Quiet 5 Weeks After Inviting Okoya Sons Over ‘Naira Abuse’

Ademola Adeleke, Osun State Governor

Adeleke Accuses Tinubu’s Nephew Oyetola of Hatching Monday Mayhem Plan in Osun

NIUK

NIUK Shares Dubious Election Results With Hours-Late Clarification

Fidelis Osaghae

Boss Claimed Edo Man Committed Suicide at Work. Corpse Showed Otherwise

UNIZIK Students Can Be Punished for Offences Without Conclusive Proof of Wrongdoing

Advertisement