Nigerian Communications Regulator Push For Stronger Cybersecurity Measures

In the light of Cisco’s recent ransomware attack, the Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has urged organisations to adopt stronger cybersecurity measures.

Yanluowang hackers had accessed Cisco’s network using an employee’s stolen credentials.

The hackers had hijacked the employee’s personal Google account containing credentials synced from their browser.

In its advisory of August 12, 2022, the regulator pushed strong, unique passwords, regular systems backup, and multi-factor authentication (2FA) as bulwarks to cyber attacks.

Ransomware is a malware designed to deny a user or organization access to files on their computer until they pay the attackers.

Cisco while reporting the security incident said it did not identify any impact on its business.

However, the hackers had published a list of files from this security incident on the dark web on August 10.

NCC-CSIRT estimated potential damage from the incident to be critical.

The regulator predicted that successful exploitation of the ransomware will result in ransomware deployment to compromise computer systems, sensitive products and customers’ data theft and exposure, as well as huge financial loss to organizations.

In response to the attack, Cisco has immediately implemented a company-wide password reset.

Cisco also created two Clam AntiVirus signatures (Win.Exploit.Kolobko-9950675-0 and Win.Backdoor.Kolobko-9950676-0) to disinfect any potentially compromised assets.

The CSIRT is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large.

The CSIRT also works collaboratively with the Nigeria Computer Emergency Response Team (ngCERT), established by the Federal Government to reduce the volume of future computer risks incidents.

Leave a Reply

Your email address will not be published. Required fields are marked *