By Juliet Umeh
The Nigerian Communications Commission, NCC, has asked organisations to adopt stronger cybersecurity measures to prevent ransomware attacks on their corporate network.
Ransomware is a type of malicious software or malware that prevents one from accessing his/her computer files, systems, or networks and demands you pay a ransom for their return.
Recently, the NCC computer security incident response team, CSIRT, said to prevent this form of attack, organisations should ensure their employees use strong passwords, enable multi-factor authentication (2FA), and ensure regular systems backup.
The advisory was issued after hackers using the Yanluowang ransomware, reportedly gained access to Cisco’s network “using an employee’s stolen credentials after hijacking the employee’s personal Google account containing credentials synced from their browser”.
“NCC-CSIRT estimated the potential damage from the incident to be critical, predicted that successful exploitation of the ransomware will result in ransomware deployment to compromise computer systems, sensitive products and customers’ data theft and exposure,” the statement reads.
“It could also result in huge financial loss to organisations by incurring significant indirect costs and could also mar their reputations.
“The first step to preventing ransomware attacks is to ensure that employees are using strong, unique passwords for every account and enabling multi-factor authentication (2FA) wherever it’s supported.
“In response to the attack, Cisco has immediately implemented a company-wide password reset. Users of Cisco products should ensure a successful password reset.
“As a precaution, the company has also created two Clam AntiVirus signatures (Win.Exploit.Kolobko-9950675-0 and Win.Backdoor.Kolobko-9950676-0) to disinfect any potentially compromised assets. Clam AntiVirus Signatures (or ClamAV) is a multi-platform antimalware toolkit that can detect a wide range of malware and viruses.
“User education is critical in thwarting this type of attacks or any similar attacks, including ensuring that employees are aware of the legitimate channels through which support personnel will contact users, so that employees can identify fraudulent attempts to obtain sensitive information. Organisations should ensure regular systems backup.”