Concerns as cyber criminals release more attacks in a week
• NCC-CSIRT urges stronger security measures against ransomware, malware
Online space is troubled as cyber criminals have unleashed another attack: the second in a week! Urging people to be extra careful, Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) advised organisations to adopt stronger cybersecurity measures, like ensuring employees use strong, unique passwords for every account and enabling multi-factor authentication (2FA), wherever it is supported, to prevent ransomware attacks. It also advised organisations to ensure regular systems backup.
NCC-CSIRT’s warning is contained in its advisory released at the weekend, followed by a statement from the NCC, after the commission informed that ‘Yanluowang’ threat actors gained access to Cisco’s network using an employee’s stolen credentials, after hijacking the employee’s personal Google account containing credentials synced from their browser.
Ransomware is a malware designed to deny a user or organisation access to files on their computer until they pay the attackers.
Cisco reported the security incident on its corporate network but said it did not identify any impact on its business, although the threat actors had published a list of files from this security incident on the dark web on August 10.
This attack is second within a week as the NCC-CSIRT had, last Monday, flagged a new malware, known as HiddenAds, which infiltrated Google Play Store and impacted device performance and jeopardised users’ privacy.
The malware infiltrated the Store in the form of several device cleaners or optimisation apps. According to the summary provided by NCC-CSIRT, “upon installation, it can run malicious services without the user opening the app. It also spams the user with irrelevant advertisements. The apps have received downloads ranging from 100,000 to over a million.”
The Team said: “The first step to preventing ransomware attacks is to ensure that employees are using strong, unique passwords for every account and enabling multi-factor authentication (2FA) wherever it’s supported.”
It further disclosed: “In response to the attack, Cisco has immediately implemented a company-wide password reset. Users of Cisco products should ensure a successful password reset.”