Facebook
Youtube
Instagram
News

FG Warns Nigerian On New Ransomware Attacking Organizational Networks

  • 1:15 pm
  • |
The Federal Government, through the Nigerian Communications Commission (NCC), has warned Nigerians about a cybercrime group that is sending ransomware to targeted organizational networks.

This was made known in a statement signed by Dr. Ikechukwu Adinde, NCC Director, Public Affairs.

According to the NCC, the new ransomware discovered by security professionals has been classified as high-risk and critical by the Nigerian Computer Emergency Response Team’s (ngCERT) advisory released over the weekend.

According to the ngCERT advisory, the criminal group is said to have been mailing out USB thumb drives to many organizations in the hope that recipients will plug them into their PCs and install the ransomware on their networks. While businesses are being targeted, criminals could soon begin sending infected USB drives to individuals.

Describing how the cybercrime group runs the ransomeware, the ngCERT advisory says the USB drives contain so-called ‘BadUSB’ attacks. The BadUSB exploits the USB standards versatility and allows an attacker to reprogram a USB drive to emulate a keyboard to create keystrokes and commands on a computer. It then installs malware prior to the operating system booting or spoofs a network card to redirect traffic.

The advisory disclosed that numerous attack tools are also installed in the process that allows for exploitation of personal computers (PCs), lateral movement across a network, and installation of additional malware. The tools were used to deploy multiple ransomware strains, including BlackBatter and REvil.

According to ngCERT, the attack has been seen in the US where the USB drives were sent in the mail through the Postal Service and Parcel Service. One type contained a message impersonating the US Department of Health and Human Services and claimed to be a COVID-19 warning. Other malicious USBs were sent in the post with a gift card claiming to be from Amazon.

However, ngCERT has offered recommendations that will enable corporate and individual networks to mitigate the impact of this new cyber attack and be protected from ransomware.

Individuals and organizations are advised not to insert USB drives from unknown sources, even if they are addressed to you or your organization. Furthermore, if the USB drive comes from a company or person with whom you are unfamiliar and do not have trust, it is recommended that you contact the source to confirm that they sent the USB drive.

Finally, ngCERT has advised information and communication technology professionals, as well as all Internet users, to report any incidents of system compromises to ngCERT at incident@cert.gov.ng for technical help.

Ada Peter
Kindly share this story:
Kindly share this story:
Share on whatsapp
Share on facebook
Share on twitter
Share on linkedin
Share on telegram
Share on facebook
Top News

Related Articles

Facebook
Youtube
Instagram

CONNECT WITH US

Powered by
DNETWORK GLOBAL LIMITED
Copyright © 2020 - 2024