NCC-CSIRT urging businesses to adopt stronger cybersecurity

The Nigerian Communications Commission's Computer Security Incident Response Team (NCC-CSIRT) warning comes after threat actors gained access to Cisco.

The Nigerian Communications Commission's Computer Security Incident Response Team (NCC-CSIRT) is urging organisations to adopt stronger cybersecurity measures like ensuring their employees use strong, unique passwords for every account and enabling multi-factor authentication  wherever it is supported to prevent ransomware attacks. It also advised organisations to ensure regular systems backup.

The NCC-CSIRT’s warning came after Yanluowang threat actors gained access to multinational technology company Cisco's network using an employee's stolen credentials after hijacking the employee's personal Google account containing credentials synchronised from their browser. Cisco reported the security incident on its corporate network but said it did not identify any impact on its business although the threat actors had published a list of files from this security incident on the dark web.

NCC-CSIRT estimated potential damage from the incident to be critical while predicting that successful exploitation of the ransomware will result in ransomware deployment to compromise computer systems, sensitive products and customers’ data theft and exposure, as well as huge financial loss to organisations by incurring significant indirect costs and could also mar their reputations.

Reuben Muoka, Director of Public Affairs at NCC-CSIRT says: “The first step to preventing ransomware attacks is to ensure that employees are using strong, unique passwords for every account and enabling multi-factor authentication (2FA) wherever it’s supported.

"Cisco has immediately implemented a company-wide password reset. Users of Cisco products should ensure a successful password reset.

“User education is critical in thwarting this type of attack or any similar attacks, including ensuring that employees are aware of the legitimate channels through which support personnel will contact users, so that employees can identify fraudulent attempts to obtain sensitive information. Organisations should ensure regular systems backups"

About CSIRT

The Computer Security Incident Response Team (CSIRT) is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large. CSIRT also works collaboratively with the Nigeria Computer Emergency Response Team (ngCERT), established by the Federal Government ,to reduce the volume of future computer risks incidents by preparing, protecting and securing the Nigerian cyberspace to forestall attacks, problems or related events.

Share

Featured Articles

Why CISOs Remain Crucial in the Age of Rampant Ransomware

As ransomware attacks escalate, the CISO has emerged as an indispensable guardian for the cybersecurity of companies

Q&A: Protiviti's Sameer Ansari on CISOs' Growing Challenges

Managing Director - Global Cybersecurity and Privacy Lead at Protiviti, Sameer Ansari discusses his views on the growing challenges CISOs now face

How Partnerships Proved Pivotal for UnitedHealth After Hack

When hackers hit UnitedHealth subsidiary Change Healthcare with a huge cyber attack, its partnership with Vyne Dental proved pivotal in managing fallout.

Transforming Cybersecurity: IBM & Palo Alto's AI Integration

Technology & AI

C-suite Indifference to Cyber Could Cost Business £145k

Operational Security

Why Avast Warn of Social Engineering in Cybersecurity

Operational Security