ICT

Cyberstalking/Crime: Group Plotting to Hack into Businesses/Individuals Networks

 By Mohammed Mohamed

The Nigerian Communications Commission (NCC), has raised the alarm that a cybercrime group has perfected a new year scheme to deliver ransomware to targeted organizations and individual networks.

The new ransomware uncovered by security experts has been categorised, by the Nigerian Computer Emergency Response Team’s (ngCERT) advisory released over the weekend, as high-risk and critical, NCC further hinted.

According to the advisory, the criminal group is said to have been mailing out USB thumb drives to many organisations in the hope that recipients will plug them into their PCs and install the ransomware on their networks. While businesses are being targeted, criminals could soon begin sending infected USB drives to individuals.

NCC Ad

Describing how the cybercrime group runs the ransomeware, the ngCERT advisory says the USB drives contain so-called ‘BadUSB’ attacks. The BadUSB exploits the USB standards versatility and allows an attacker to reprogram a USB drive to emulate a keyboard to create keystrokes and commands on a computer. It then installs malware prior to the operating system booting, or spoofs a network card to redirect traffic.

Numerous attack tools are also installed in the process that allows for exploitation of personal computers (PCs), lateral movement across a network, and installation of additional malware. The tools were used to deploy multiple ransomware strains, including BlackBatter and REvil.

According to ngCERT, the attack has been seen in the United States (US), where the USB drives were sent in the mail through the Postal Service and Parcel Service (USPS).

One type contained a message impersonating the US Department of Health and Human Services and claimed to be a COVID-19 warning. Other malicious USBs were sent in the post with a gift card claiming to be from Amazon. 

 However, ngCERT has offered recommendations that will enable corporate and individual networks to mitigate the impact of this new cyberattack and be protected from the ransomware.

These recommendations include a call on individuals and organisations not to insert USB drives from unknown sources, even if they’re addressed to you or your organization.

In addition, if the USB drive comes from a company or a person one is not familiar with and trusts, it is recommended that one contacts the source to confirm they actually sent the USB drive.

Finally, ngCERT has advised Information and Communication Technology as well as other Internet users to report any incident of system compromises to ngCERT via incident@cert.gov.ng, for technical assistance.

Related Posts

Kashifu Inuwa: 3 Years of Transformational Leadership, Impactful IT Trajectory in Nigeria

Extraordinaire News

Lifting 100m Nigerians Out of Poverty: FG Charges Youth on ICT

Extraordinaire News

NCC on How to Avoid Falling Victim of WhatsApp Hackers

Extraordinaire News

NITDA, Foundation to Train Nigerians on Emerging Creative Tech

Extraordinaire News

NITDA INCHES TO ATTAINING 24,000 TRAINEE TARGETS ON COURSERA PROGRAMME 

Extraordinaire News

NCC: Battle Against Electronic-fraud Responsibility of All

Extraordinaire News

WHY NCC SUSPENDS ISSUANCE OF LICENCES FOR VALUE ADDED SERVICE, OTHERS

Extraordinaire News

EXCITEMENT AS NIGERIA IS SET TO HOST GITEX, WORLD’s LARGEST TECH EXPO

Extraordinaire News

Insecurity: FG Moves to Digitalize Intelligent Gathering

Extraordinaire News

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.