Spread the love
The Nigerian Communications Commission (NCC) has asked organizations to adopt stronger cybersecurity measures to prevent ransomware attacks on their corporate network.
Ransomware is a type of malicious software or malware that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return.
In an advisory on Friday, the NCC computer security incident response team (CSIRT) said to prevent this form of attack, organisations should ensure their employees use strong passwords, enable multi-factor authentication (2FA), and ensure regular systems backup.
The advisory was issued after hackers using the Yanluowang ransomware, reportedly gained access to Cisco’s network “using an employee’s stolen credentials after hijacking the employee’s personal Google account containing credentials synced from their browser”.
“NCC-CSIRT estimated the potential damage from the incident to be critical, predicted that successful exploitation of the ransomware will result in ransomware deployment to compromise computer systems, sensitive products and customers’ data theft and exposure,” the statement reads.
“It could also result in huge financial loss to organisations by incurring significant indirect costs and could also mar their reputations.
“The first step to preventing ransomware attacks is to ensure that employees are using strong, unique passwords for every account and enabling multi-factor authentication (2FA) wherever it’s supported.
“In response to the attack, Cisco has immediately implemented a company-wide password reset. Users of Cisco products should ensure a successful password reset.
“As a precaution, the company has also created two Clam AntiVirus signatures (Win.Exploit.Kolobko-9950675-0 and Win.Backdoor.Kolobko-9950676-0) to disinfect any potentially compromised assets. Clam AntiVirus Signatures (or ClamAV) is a multi-platform antimalware toolkit that can detect a wide range of malware and viruses.
“User education is critical in thwarting this type of attacks or any similar attacks, including ensuring that employees are aware of the legitimate channels through which support personnel will contact users, so that employees can identify fraudulent attempts to obtain sensitive information. Organisations should ensure regular systems backup.”
You may be interested
For How Long Is My Motor Insurance Policy Valid?Webby - September 12, 2022
When purchasing auto insurance, you can tailor many aspects, including the types of coverage you select, the amount of your…
Buhari promises urgent approval of Diri’s 3 requests for BayelsaWebby - October 7, 2022
President Muhammadu Buhari, hosting governor Duoye Diri of Bayelsa State on courtesy visit at the State House, Abuja, promised…
The unbelievable Erling Haaland’s weekly wage at Manchester CityWebby - October 7, 2022
Spread the love Manchester City had spent an initial £51m, which could rise to £85.5m in total to bring…