The Nigerian Communications Commission (NCC) has alerted Nigerians to a plan by a cybercrime group to targeted organizational networks.
The plot, uncovered by security experts, has been categorized by the Nigerian Computer Emergency Response Team’s (ngCERT) advisory released last weekend, as high risk and critical.
In a statement by NCC Director of Public Affairs, Dr. Ike Adinde, yesterday, quoted the advisory, as saying that the criminal group has been mailing out USB thumb drives to many organizations in anticipation that recipients will plug them into their personal computers(PC’S) and install the ransomware on their networks. While businesses are being targeted, criminals could soon begin sending infected USB drives to individuals.
The Guardian has reported last week, relying on CheckPoint Software Technologies, how organizations in Nigeria, South Africa, Kenya, and other parts of Africa recorded the highest volume of cyberattacks in 2021, with an average of 1,615 weekly breaches.
Data from Check Point revealed that the 1, 615 attacks represented a 15 percent increase from 2020. In second place is Asia Pacific (APAC) with an average of 1,299 weekly attacks per organization (20 percent increase ), followed by Latin America with an average of 1,117 attacks weekly (37 percent increase ), Europe with 665 (65 percent increase), and North America with 497(57 per cent increase).
Globally, it disclosed that 2021 recorded a record-breaking number of cyber attacks, with a 50 percent increase in overall breaches per week on corporate networks compared to the previous year.
Also, the NCC statement, describing how the cybercrime group runs the ransomware, informed that the ngCERT advisory said the USB drives contain so-called ‘Bad USB’ attacks. It said the bad USB exploits the USB standards ‘ versatility and allows an attacker to reprogramme a USB drive to emulate a keyboard to create keystrokes and commands on a computer. It then installs malware prior to the operating system booting or spoofing a network card to redirect traffic.
According to the commission, numerous attacks tools are also installed in the process that allows for exploitation of PCs, lateral movement across a network, and installation of additional malware. The tools were used to deploy multiple ransomware strains, including BlacBatter and REvil.
Source: Guardian.