The Nigerian Communications Commission’s Computer Security
Incident Response Team (NCC-CSIRT) has urged organisations to adopt stronger
cybersecurity measures.
These measures include ensuring that organisations’
employees use strong, unique passwords for every account and enabling
multi-factor authentication (2FA) wherever it is supported to prevent
ransomware attacks as well as advising organisations to ensure regular systems
backup.
The NCC-CSIRT’s warning contained in its advisory of August
12, 2022, came after the Yanluowang threat actors gained access to Cisco’s
network using an employee’s stolen credentials after hijacking the employee’s
personal Google account containing credentials synced from their browser.
Ransomware is a malware designed to deny a user or
organization access to files on their computer until they pay the attackers.
Cisco reported the security incident on its corporate
network but said it did not identify any impact on its business although the
threat actors had published a list of files from this security incident on the
dark web on August 10.
NCC-CSIRT estimated potential damage from the incident to be
critical while predicting that successful exploitation of the ransomware will
result in ransomware deployment to compromise computer systems, sensitive
products and customers’ data theft and exposure, as well as huge financial loss
to organizations by incurring significant indirect costs and could also mar
their reputations.
The team said, “The first step to preventing ransomware
attacks is to ensure that employees are using strong, unique passwords for
every account and enabling multi-factor authentication (2FA) wherever it’s
supported.”
It further disclosed that “In response to the attack, Cisco
has immediately implemented a company-wide password reset. Users of Cisco
products should ensure a successful password reset.
“As a precaution, the company has also created two Clam
AntiVirus signatures (Win.Exploit.Kolobko-9950675-0 and
Win.Backdoor.Kolobko-9950676-0) to disinfect any potentially compromised
assets. Clam AntiVirus Signatures (or ClamAV) is a multi-platform antimalware
toolkit that can detect a wide range of malware and viruses.
“User education is critical in thwarting this type of
attacks or any similar attacks, including ensuring that employees are aware of
the legitimate channels through which support personnel will contact users, so
that employees can identify fraudulent attempts to obtain sensitive
information. Organisations should ensure regular systems backup,” the advisory
urged.
The CSIRT is the telecom sector’s cyber security incidence
centre set up by the NCC to focus on incidents in the telecom sector and as
they may affect telecom consumers and citizens at large.
The CSIRT also works collaboratively with the Nigeria
Computer Emergency Response Team (ngCERT), established by the Federal
Government to reduce the volume of future computer risks incidents by
preparing, protecting and securing the Nigerian cyberspace to forestall
attacks, problems or related events.
Advertise on NigerianEye.com to reach thousands of our daily users
No comments
Post a Comment
Kindly drop a comment below.
(Comments are moderated. Clean comments will be approved immediately)
Advert Enquires - Reach out to us at NigerianEye@gmail.com