"Attackers Might Steal Your Information": Nigerian Govt's Official Website Outdated, Unsafe to Use

"Attackers Might Steal Your Information": Nigerian Govt's Official Website Outdated, Unsafe to Use

  • The official Nigerian State House website, www.statehouse.gov.ng, is alarmingly vulnerable due to its use of the outdated HTTP protocol instead of HTTPS
  • Despite efforts to notify the webmaster about issues like an outdated copyright year, no action has been taken
  • Oluwaseyi Odekomaya, the head of the Department of Software Engineering at SQI College of ICT, told Legit.ng that the development makes the website vulnerable to cyber-attacks and puts user data and privacy at risk

State House, Abuja - The Nigerian government's official state house website is alarmingly vulnerable and unsafe for public use. Sadly, those responsible for its smooth running appear indifferent to this development.

This website, www.statehouse.gov.ng, serves as the official digital platform for the federation, a repository for all presidential speeches and events' images. It ensures public access and preservation of important government records.

Read also

After CBN instruction, OPay Sends Messages to customers on funds in their account

The state of the country's website
Attempts to reach out to the handlers of the website have been met with silence
Source: UGC

It also provides comprehensive information about every key member of the administration.

From the homepage, visitors can easily navigate to the ‘people’ webpage, which features profiles of the president, vice president, and their spouses. A page, labelled ‘The Cabinet’, offers a wealth of public information about presidential aides, all just a click away.

Ideally, this website should be the primary source for anyone in the country seeking direct information from the government. However, its web address uses the outdated ‘http’ protocol instead of the more secure ‘https’ standard.

State house web adress
A snip shot of the "unsecured" State House web address when clicked on
Source: UGC

Any attempt to log onto the site will trigger a warning from the web browser, cautioning that the site is unsafe due to its lack of standard security protocols.

This is the message users get when they try to visit the site.

Read also

Naira bounces back, gains over N200 against dollar in black market, traders quote new exchange rate

"Your connection is not private.
"Attackers might be trying to steal your information from statehouse.gov.ng (for example, passwords, messages, or credit cards). Learn more."

Implications of HTTP instead of HTTPS

In 2018, Google Chrome started marking all HTTP sites as “not secure” to encourage the adoption of HTTPS, a secure version of HTTP.

Oluwaseyi Odekomaya, the head of the Department of Software Engineering at SQI College of ICT, headquartered in Ogbomoso, Oyo state, explained:

"One of the major security risks associated with a website using HTTP instead of HTTPS is that any information sent over HTTP is not encrypted.
"This means anyone can read the information being sent to and from the website (or web application), which could be disastrous if such information were sensitive."

This lack of encryption makes the connection insecure, leaving it vulnerable to eavesdropping, interception, and tampering.

One of the Nigerian government's website features is a 'Participate' page, where citizens can comment or reach out to Aso Rock by simply filling out forms. However, given the site's current state, any information put there is at the user's risk.

Read also

“People have no choice”: FG finally speaks as MultiChoice explains increase in DStv, GOtv subscriptions

This situation becomes even more critical when considering sensitive information, such as personal, financial, or national data.

This information can be compromised without the proper security measures, making the website more susceptible to cyber-attacks.

Nigerian govt's official website's outdated copyright

Furthermore, scrolling down to the footer of the State House website, one will find the copyright symbol accompanied by the year 2020. This is clearly outdated information.

Nigerian State House footer
Footer of the outdated State House website
Source: UGC

No response from presidential handlers

Discovering the errors, this reporter navigated to the "Contact Us" page and sent an email directly to the website webmaster.

In the email, the outdated copyright year was pointed out and requested it be updated to reflect 2024, ensuring the website presents the most accurate information possible.

The email was sent on Friday, April 12. At the time this report was filed on Tuesday, April 30, no changes had been made.

Mail to state house web master
The screenshot of the mail sent to the webmaster, using the address obtained from the Contact Us directory.
Source: UGC

The development indicates that the oversight may not just be a minor technical issue but a symptom of a larger problem—a lack of commitment to maintaining and updating critical online infrastructure.

Read also

Call, data rates to increase as MTN, Airtel, Glo, others push for tariff hike

In today's digital age, where security and accuracy are paramount, such a discrepancy should be frowned upon.

According to Odekomaya, the implications are far-reaching. An outdated website may not be receiving regular security updates, patches, or maintenance, leaving it vulnerable to cyber-attacks and putting user data and privacy at risk.

"An outdated copyright notice date often signifies that the website has not been updated in a while, which may deter people from visiting," the cybersecurity expert told Legit.ng.
"This also negatively impacts a site's ranking, making it less likely to appear in search engine results, such as those on Google."

Tinubu's photographer criticised for poor shots

In another report, President Bola Tinubu's official photographer has been criticised after a portrait picture of Tinubu he shot made it to the public.

The picture blurred the face of the president while leaving the background, which Nigerians felt was a mistake as they believed it should have been more professionally handled.

Source: Legit.ng

Online view pixel