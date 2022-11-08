…Warns against installing Mobile Apps Group

…Charges Nigerians to take Cisco product alerts seriously

…PPC says upgrading critical security Infrastructure, panacea for rising Cyberthreats

By Prince Osuagwu Hi-Tech Editor & Juliet Umeh

T he increasing adoption of latest technologies in Nigeria has given rise to advances in cyber-threats and the government is worried that both individuals and corporate Nigeria are in serious danger if something is not done.

Although the trend has been there for almost a decade now, recent years have seen a huge surge of attacks on people and businesses across sectors. The development has raised volumes of conversation around the Nigerian business community.

In 2021 there were massive cyberattacks that affected private organisations, government agencies, individuals, and supply chains globally. Nigeria had its fair share of cyberattacks and compromise albeit largely underreported.

On December 9, 2021 an acute Remote Code Execution (RCE) vulnerability was reported in the Apache logging package Log4j 2 versions 2.14.1 that shook the internet.

By December 10, more than 3.7 million hacking attempts had been made to exploit the vulnerability, according to leading cybersecurity firm Checkpoint, with more than 46% conducted by known malicious groups.

Based on the unprecedented Ransomware attacks which rose and continue to rise as Ransomware-as-a-Service (RaaS), the average amount of reported Ransomware transactions per month in 2021 was $102.3 million, according to FinCEN Report.

So, the Nigerian government is creating massive awareness, including exposing the modus operandi of the attackers.

Recently Galaxy Backbone, expressed worry over the increasing spate of cyberattacks in Nigeria, and advised the internet users to take precautionary steps to ward off the scammers.

A senior manager in the company, Mr Ifedayo Balogun, said: ‘’Five million scam emails go out of Nigeria every year. We don’t have information on inbound traffic because they come through separate medium, through the transatlantic medium and there are about four of them that carry internet traffic.

But the Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has issued out series of advisories aimed at getting Nigerians aware of the nuances of the cyber attackers as well as preparing corporate Nigeria on how to get their systems protected.

The team has just advised against the installation of apps from an offending publisher, the ‘Mobile Apps Group’, whose products were discovered to contain Trojans and adware that are harmful to users and their privacy.

NCC-CSIRT’s advisory on the incident disclosed that “The Nigeria Computer Emergency Response Team (ngCERT) has continued to observe and monitor the constant introduction of malicious mobile applications into Google Play Store.

It said: “Mobile apps Group has a history of distributing malware-infected apps through the Google Play store, and the current batch of apps has already been downloaded over a million times”.

The group’s malicious apps include the Bluetooth Auto Connect; Bluetooth App Sender; Driver: Bluetooth, WI-Fi, USB; and Mobile transfer, smart switch among others.

According to the advisory, “The apps will delay the display of ads for up to three days after installation to avoid detection. However, once this period has passed, the user is bombarded with advertisements and is directed to malicious phishing websites in the Chrome browser. While the device is idle, the malicious app can open Chrome tabs in the background. Some of the sites it opens may appear to be harmless, but they are pay-per-click pages that generate revenue for the developers when clicked on.”

Also at the weekend, NCC-CSIRT, urged telecom users to frequently review alerts on Cisco products to assess their exposure and find a comprehensive update solution.

Cisco offers a wide range of products and networking solutions designed for enterprises and small businesses across a variety of industries.

The team, said the recommendation for usage of appropriate software updates that are accessible from the vendor website, followed the identification of multiple vulnerabilities in Cisco Products, especially the Cisco AnyConnect Secure Mobility Client for Windows, which enables employees to access company servers from anywhere without compromising security.

It explained that the two vulnerabilities made it possible for a remote attacker exploit to trigger remote code execution and data manipulation on the targeted system.

According to CSIRT, “The weaknesses in the product include uncontrolled search path and DLL, Dynamic Link Library, hijacking vulnerabilities.

Upgrading critical security Infrastructure, panacea to rising Cyberthreats, PPC tells FG

However, foremost ICT and infrastructure development company, PPC has rather advised that the best way to go should be for both government and corporate organisations to also constantly ensure upgrade of critical security infrastructure.

Its advise came as a response to series of cybersecurity alerts issued by the Nigerian Communications Commission (NCC), over impending attacks on systems.

Head of the ICT Division at PPC Nigeria, Dr. Patrick Ede, while speaking in Lagos, said cyber-criminals were now using sophisticated tools to take control of outdated IT systems and gain remote access to important customer data.

The implication of this, according to him, is that organizations whose security has been breached will experience disruption of critical operations, loss of revenue and important data.

He stated that the credibility and reputational damage the activities of malicious cyber hackers cause were often irreversible, adding that neglect of vulnerabilities in IT systems would hamper overall business performance.

The NCC’s Computer Security Incident Response Team (CSIRT) issued different security alerts in the past months, urging Nigerians to be wary of five malicious Google Chrome Extensions, compromised apps and vulnerabilities in specific antivirus products that secretly track users’ activities online and compromise their data.

The regulator said the malwares, which have high damage potential, have been downloaded multiple times by unsuspecting people and consequently jeopardizing the privacy of users.

“Businesses are confronting new security threats arising from unprecedented global technology adoption and a hybrid work culture. These criminals explore the vulnerabilities in new and existing technology installations to launch their attacks,” Ede said.

He added, “It has become imperative for organizations to rethink how they address security concerns. Regular upgrade of software and hardware infrastructure should be included in cybersecurity measures to minimize risk of breaches. Software is not perfect and loopholes are often exploited by threat actors. Therefore, businesses must plan to deploy patches immediately a security risk is announced by the vendor.

“While there has been a lot of focus on software updates, physical technology devices such as workstations and servers that are slow or have stopped receiving vendor updates, need to be replaced to mitigate risk of data breaches. Most end-of-life hardware infrastructure is not interoperable with new software installations and as such, the software requires an updated hardware to run it,” he added.

RELATED NEWS