NCC Alerts Telcos, Subscribers To Window OS, Routers Cyber Threats

NCC Alerts Telcos, Subscribers To Window OS, Routers Cyber Threats

TECHDIGEST – The Computer Security Incidents Response Team (CSIRT) set up by the Nigerian Communications Commission (NCC) for the telecoms sector, has discovered two new separate cyber threats targeting Windows Platforms and a particular kind of routers respectively.

The discoveries, according to a statement signed by Dr. Ikechukwu Adinde, Director, Public Affairs at NCC and made available to TechEconomy.ng today, were made known in two separate advisories released by the cyber-space protection team earlier this week.

The first cyber threat is a ransomeware known as ‘Lokilocker’, which is capable of wiping data from all version of Windows Operating System (OS) or platforms. It causes data loss, and denial of service (DDoS), which reduces user’s productivity.

“Lokilocker”, is a relatively new ransomware that has been discovered by security researchers and belonging to the ransomware family. Lokilocker operates by encrypting user files and renders the compromised system useless if the victim does not pay the demanded ransom in time.

To hide the malicious activity, the ransomware displays a fake window update screen, cancel specific processes and services, and completely disables the task manager, windows error reporting, machine firewall and windows defender of the compromised system.

Sadly, it also has in-built processes that prevent data recovery as it deletes backup files, shadow copies, and removes system restore points.

It also overwrites the user login note and modifies original equipment manufacturer (OEM) information in the registry of the compromised system.

READ ALSO : Weak identity protection poses cyber threats to African Businesses- Microsoft

“To protect against infections by LokiLocker and similar ransomware, the best rule is to always have a backup copy of your data, which should be stored offline,” the advisory stated.

Additionally, according to CSIRT, “all downloads and email attachments should be opened with caution, even if they are from trusted sites or senders. Users should also ensure they attachments are scanned with an up-to-date antimalware solution, before opening.”

The second cyber threat discovered by the NCC CSIRT is a Botnet that targets the Microtik version of Routers. As CSIRT revealed, thousands of routers from Microtik which have been found to be vulnerable are being used to constitute what has been named one of the largest botnets in history

To be protected against this botnet, NCC CISRT asdvised users to update or apply the latest patches to their routers early, set strong router passwords, disable the administration interface of the routers from the public, stay away from illegitimate or cracked software versions of legitimate applications, and use decent antivirus software with in-built web-filtering, and apply the latest patches as soon as they arrive.