NCC warns about cyber-attacks through BadUSB
The Nigerian Communications Commission, NCC, has raised yet another alarm, saying a cybercrime group has perfected a scheme to deliver ransomware to targeted organizational networks.
The commission in a statement signed by its director of public affairs, Dr. Ikechukwu Adinde, urged the public to be vigilant to avoid falling victims of cyber-attacks.
NCC raised a number of scary alarms late 2021.
At a time in October, 2021, NCC warned Nigerians that there is new, high-risk and extremely damaging Malware called Flubot which is capable of stealing banking details from devices. (Read what NCC said about Flubot here)
Then, in November, 2021, it claimed that some Iranian hackers are targeting African telecoms space for cyber-espionage.
According to NCC in November, 2022, an Iranian syndicate, Lyceum, also known as Hexane, Siamesekitten or Spirlin, has been reported to be targeting telecoms operators, Internet Service Providers (ISPs) and ministries of foreign affairs (MFAs) in Africa with upgraded malware. (Read about NNC’s warnings on the suspected Iranian syndicate here)
And now, NCC has said the new ransomware uncovered by security experts has been categorised by the Nigerian Computer Emergency Response Team’s (ngCERT) as high-risk and critical.
It noted that the criminal group is said to have been mailing out USB thumb drives to many organisations in the hope that recipients will plug them into their PCs and install the ransomware on their networks.
While businesses are being targeted, criminals could soon begin sending infected USB drives to individuals, the commission explained further.
Describing how the cybercrime group runs the ransomeware, the NCC noted that the ngCERT advisory says the USB drives contain so-called ‘BadUSB’ attacks.
Only last week, the FBI warned about hackers allegedly targeting US organisations in the so-called ‘BadUSB Attacks’, and it would appear that the NCC was regurgitating the US warning, as it is not clear whether Nigeria truly faces similar alleged attacks.
The commission said: “The BadUSB exploits the USB standards versatility and allows an attacker to reprogram a USB drive to emulate a keyboard to create keystrokes and commands on a computer. It then installs malware prior to the operating system booting, or spoofs a network card to redirect traffic.
“According to ngCERT, the attack has been seen in the US where the USB drives were sent in the mail through the Postal Service and Parcel Service. One type contained a message impersonating the US Department of Health and Human Services and claimed to be a COVID-19 warning. Other malicious USBs were sent in the post with a gift card claiming to be from Amazon.
“However, ngCERT has offered recommendations that will enable corporate and individual networks to mitigate the impact of this new cyber attack and be protected from the ransomware. These recommendations include a call on individuals and organisations not to insert USB drives from unknown sources, even if they’re addressed to you or your organization. In addition, if the USB drive comes from a company or a person one is not familiar with and trusts, it is recommended that one contacts the source to confirm they actually sent the USB drive.
“Finally, ngCERT has advised Information and Communication Technology as well as other Internet users to report any incident of system compromises to ngCERT via incident@cert.gov.ng, for technical assistance.”
Share your thoughts on the story with OnlineNews in the comments section.
