In order to prevent ransomware attacks, the Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has urged organisations to adopt stronger cybersecurity measures.
Among other measures, organisations are to ensure that employees use strong passwords for each account and enable multi-factor authentication (2FA) wherever it is supported. The NCC-CSIRT also encouraged businesses to back up their systems often.
These security measures are contained in an advisory released on August 12, 2022, after threat actors from Yanluowang hijacked a worker’s personal Google account containing credentials got from their browser and used them to infiltrate the network of Cisco, a multinational tech conglomerate.
READ ALSO: ALERT: New Malware Targeting Privacy of Android Users
Ransomware is a malware designed to deny a user or an organisation access to files on their computer until they pay those behind the disruption. The NCC-CSIRT determined that ransomware could cause critical damage, as a successful ransomware exploitation would lead to a computer system compromise, theft and exposure of sensitive products and customers’ data, as well as a significant financial loss to an organisation.
“The first step to preventing ransomware attacks is to ensure that employees are using strong, unique passwords for every account and enabling multi-factor authentication (2FA) wherever it’s supported,” NCC-CSIRT said.
“In response to the attack, Cisco has immediately implemented a company-wide password reset. Users of Cisco products should ensure a successful password reset.
“As a precaution, the company has also created two Clam AntiVirus signatures (Win.Exploit.Kolobko-9950675-0 and Win.Backdoor.Kolobko-9950676-0) to disinfect any potentially compromised assets. Clam AntiVirus Signatures (or ClamAV) is a multi-platform antimalware toolkit that can detect a wide range of malware and viruses.
“User education is critical in thwarting this type of attacks or any similar attacks, including ensuring that employees are aware of the legitimate channels through which support personnel will contact users, so that employees can identify fraudulent attempts to obtain sensitive information. Organizations should ensure regular systems backup.”
The CSIRT is the telecom sector’s cyber security centre set up by the NCC to focus on incidents in the telecom sector as they affect telecom consumers and citizens at large.
The CSIRT also work collaboratively with the Nigeria Computer Emergency Response Team (ngCERT), which was established by the Federal Government to prepare, protect and secure the Nigerian cyberspace by forestalling attacks, problems or related events.
Subscribe
Be the first to receive special investigative reports and features in your inbox.