In order to prevent ransomware attacks, the Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has urged organizations to adopt stricter cybersecurity measures.
Among other measures, organizations should ensure employees use strong passwords for every account and enable multi-factor authentication (2FA) wherever it is supported. The NCC-CSIRT also encouraged companies to back up their systems often.
These security measures are contained in a notice published on August 12, 2022, after threat actors in Yanluowang hijacked a worker’s personal Google account containing credentials obtained from his browser and used them to infiltrate the network of Cisco, a multinational technology conglomerate.
READ ALSO: ALERT: New malware targets Android user privacy
Ransomware is malicious software designed to prevent a user or organization from accessing files on their computer until they pay those who are causing the disruption. The NCC-CSIRT has determined that ransomware can cause critical harm, as successful exploitation of ransomware would result in computer system compromise, theft and exposure of sensitive products and customer data, and significant financial loss to an organization.
READ ALSO: EXPLAINER: EFCC “Linked Naira Marley to the Dark Web”. Here’s what you need to know about the most hidden part of the internet
“The first step in preventing ransomware attacks is to ensure employees use strong, unique passwords for each account and enable multi-factor authentication (2FA) wherever it is supported,” said said the NCC-CSIRT.
“In response to the attack, Cisco immediately implemented a company-wide password reset. Cisco product users should ensure a successful password reset.
“As a precaution, the company has also created two Clam AntiVirus signatures (Win.Exploit.Kolobko-9950675-0 and Win.Backdoor.Kolobko-9950676-0) to disinfect any potentially compromised assets. Clam AntiVirus Signatures (or ClamAV) is a cross-platform antimalware toolkit capable of detecting a wide range of malware and viruses.
“User training is key to thwarting this type of attack or any similar attack, including ensuring that employees are aware of the legitimate channels through which support personnel will contact users, so that employees can identify attempted fraudulent ways of obtaining sensitive information. Organizations should ensure regular backup of systems.
The CSIRT is the telecommunications sector’s cybersecurity center established by the NCC to focus on incidents in the telecommunications sector as they affect telecommunications consumers and citizens in general.
The CSIRT also works in conjunction with the Nigeria Computer Emergency Response Team (ngCERT), which was established by the Federal Government to prepare, protect and secure Nigerian cyberspace by preventing attacks, problems or events related.