Menu Close

NCC-CSIRT urges stronger security measures against new Yanluowang ransomware

*The Nigerian Communications Commission’s Computer Security Incident Response Team, in an advisory, urges organisations to adopt stronger cybersecurity measures against the Yanluowang ransomware used in targeted enterprise attacks

Gbenga Kayode | ConsumerConnect

As part of its practical measures to protect consumers against online vulnerabilities, the Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has urged organisations to adopt stronger cybersecurity measures.

ConsumerConnect reports the telecoms sector regulatory Commission noted these measures include ensuring that organisations’ employees use strong, unique passwords for every account and enabling multi-factor authentication (2FA) wherever it is supported to prevent ransomware attacks as well as advising organisations and/or enterprises to ensure regular systems backup.

RELATED Cybersecurity: NCC-CSIRT Identifies 2 Cyber Vulnerabilities, Offers Measures For Consumer Protection

Mr. Reuben Muoka, Director of Public Affairs at NCC, in a statement issued Saturday, August 13, 2022, in Abuja, FCT, disclosed that the NCC-CSIRT’s latest warning, contained in its advisory of August 12, came after the Yanluowang threat actors gained access to Cisco’s network.

CisCo confirms it has been hacked by Yanluowang ransomware gang   Photo: The Hacker News

According to the Commission, the threat actors used an employee’s stolen credentials after hijacking the employee’s personal Google account containing credentials, synced from their browser.

Ransomware is a malware designed to deny a user or organisation access to files on their computer until they pay the attackers.

READ ALSO Special Report: 2022 WCRD And Consumer Protection Against Market Abuses In Digital Financial Services Ecosystem

The NCC-CSIRT stated that Cisco reported the security incident on its corporate network, but said it did not identify any impact on its business although the threat actors had published a list of files from this security incident on the dark Web August 10.

Mouka also noted  team estimated potential damage from the incident to be critical while predicting that successful exploitation of the ransomware will result in ransomware deployment to compromise computer systems, sensitive products and customers’ data theft and exposure.

It noted other implication is a huge financial loss to organisations by incurring significant indirect costs and could also mar their  reputations.

READ ALSO: Danbatta Restates NCC’s Commitment To Telecoms Consumers’ Wellbeing, Highlights SVP 2021-2025

“The first step to preventing ransomware attacks is to ensure that employees are using strong, unique passwords for every account and enabling multi-factor authentication (2FA) wherever it’s supported,” said the advisory.

NCC-CSIRT further stated: “In response to the attack, Cisco has immediately implemented a company-wide password reset.

“Users of Cisco products should ensure a successful password reset.”

RELATED: Telecoms Regulator Urges Responsible Use Of Internet, Protection Of Telecoms Infrastructure

The advisory said: “As a precaution, the company has also created two Clam AntiVirus signatures (Win.Exploit.Kolobko-9950675-0 and Win.Backdoor.Kolobko-9950676-0) to disinfect any potentially compromised assets.

“Clam AntiVirus Signatures (or ClamAV) is a multi-platform anti-malware toolkit that can detect a wide range of malware and viruses.”

The NCC-CSIRT also noted: “User education is critical in thwarting this type of attacks or any similar attacks, including ensuring that employees are aware of the legitimate channels through which support personnel will contact users, so that employees can identify fraudulent attempts to obtain sensitive information. “Organisations should ensure regular systems backup.”

RELATED: Danbatta Restates NCC’s Commitment To Broadband, Consumer Protection, Digital Economy

The CSIRT is the telecoms sector’s cybersecurity incidence centre set up by the NCC to focus on incidents in the telecoms sector, and as they may affect telecoms consumers and citizens at large.

The Commission stated that the team as well “works collaboratively with the Nigeria Computer Emergency Response Team (ngCERT), established by the Federal Government to reduce the volume of future computer risks incidents by preparing, protecting and securing the Nigerian cyberspace to forestall attacks, problems or related events.”

Kindly Share This Story

 

 

 

Kindly share this story