• About
  • Advertise
  • Careers
  • Contact Us
Monday, June 23, 2025
  • Login
No Result
View All Result
NEWSLETTER
Tech | Business | Economy
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
    • Mobility
    • Environment
    • Travel
    • StartUPs
      • Chidiverse
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • EventDIARY
    • Editorial
    • Appointment
  • TECHECONOMY TV
  • Apply
  • TBS
  • BusinesSENSE For SMEs
  • Chidiverse
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
    • Mobility
    • Environment
    • Travel
    • StartUPs
      • Chidiverse
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • EventDIARY
    • Editorial
    • Appointment
  • TECHECONOMY TV
  • Apply
  • TBS
  • BusinesSENSE For SMEs
  • Chidiverse
No Result
View All Result
Tech | Business | Economy
No Result
View All Result
ADVERTISEMENT
Home Business Security

Nigeria’s IT, Telecom Services at High Risk Amid Surge in Ransomware Attacks, Warns ngCERT

by Joan Aimuengheuwa
July 10, 2024
in Security
1
Nigeria’s IT and Telecom Services at High Risk Amid Surge in Ransomware Attacks, Warns ngCERT
Source: Pixabay

Source: Pixabay

UBA
Advertisements

The Nigeria Computer Emergency Response Team (ngCERT) has issued an urgent advisory highlighting an increase in ransomware attacks targeting the nation’s critical cloud infrastructure. 

The advisory warns of the high probability and severe damage potential of these attacks, particularly those orchestrated by the Phobos ransomware group.

According to ngCERT, the most at-risk entities include providers of information technology and telecommunication services. These sectors are particularly vulnerable as they often manage cloud services for critical government agencies, financial institutions, telecommunications, education, healthcare services, and NGOs in Nigeria. 

“ngCERT has detected an increase in ransomware attacks by the Phobos ransomware group, specifically targeting critical cloud service providers within our national cyberspace. We are actively collaborating with vulnerable and affected organisations to swiftly resolve these incidents and prevent further escalation. 

“The most at-risk entities include providers of information technology and telecommunication services, such as managed cloud services, whose clients include critical government agencies, financial institutions, telecommunications, education, healthcare, service providers, and NGOs in Nigeria.”

The advisory emphasises the need for these organisations to proactively implement mitigation strategies to prevent the spread of malware.

Recent intelligence has revealed a surge in ransomware activities aimed at cloud service providers key to Nigeria’s cyberspace. The Phobos group has been particularly aggressive, targeting entities that include government agencies, financial institutions, healthcare services, and NGOs. 

These attackers exploit vulnerabilities in these systems to gain unauthorised access, encrypt data, and demand ransoms. 

Phobos ransomware operatives typically infiltrate networks using phishing campaigns and IP scanning tools to find susceptible Remote Desktop Protocol (RDP) ports. They exploit these vulnerabilities to execute hidden payloads and gain control over systems. 

Upon accessing an exposed RDP service, they use brute force tools to escalate privileges and deploy additional malware. Key tools in their arsenal include lsass.exe and cmd.exe for command execution and tools like Smokeloader for payload delivery.

Indicators of compromise associated with these attacks include emails from finamtox@zohomail.eu, potentially related to the Phobos ransomware group. The file format often used is filename.id[xxxxxxx-xxxx].email.xshell.

Organisations affected by Phobos ransomware may experience a range of serious consequences. These include system compromises and data breaches, ransom payments to restore access, data encryption leading to operational lockouts, financial losses, Denial of Service (DoS) attacks, and fraudulent activities using compromised systems.

ngCERT recommends several measures to combat these threats. Organisations should secure RDP ports and prioritise the remediation of known vulnerabilities. Implementing Endpoint Detection and Response (EDR) solutions to disrupt malicious activities is also important. 

Again, disabling unnecessary command-line and scripting activities can prevent unauthorised access. Segmenting networks to prevent the spread of ransomware and regularly updating and enabling real-time antivirus detection are also advised. 

Conducting audits of user accounts and administrative privileges helps maintain a secure environment. Maintaining multiple, secure backups of vital data and disabling hyperlinks in received emails to prevent phishing attacks are essential preventive measures.

Organisations are urged to adopt these mitigation strategies to protect their systems from the escalating ransomware threat. Regular updates, vigilant monitoring, and robust security protocols are essential to safeguard against these sophisticated cyber-attacks.

Loading

Advertisements
MTN ADS

Author

  • Joan Aimuengheuwa
    Joan Aimuengheuwa

    Joan thrives at helping individuals and businesses scale via storytelling...

    View all posts
0Shares
Tags: CybercrimecybercriminalscybersecurityInformation TechnologyNigeria Computer Emergency Response Team (ngCERT)Phobos ransomware groupransomware attackstelecommunication services
Joan Aimuengheuwa

Joan Aimuengheuwa

Joan thrives at helping individuals and businesses scale via storytelling...

Next Post
Ecobank Single Market Trade Hub

4000 Businesses Now Connected on Ecobank Single Market Trade Hub

Comments 1

  1. Pingback: Apple Warns iPhone Users of Increasing Mercenary Spyware Attacks

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recommended

#BitcoinCrash

#BitcoinCrash Trends as 176,000 Traders Count Losses

2 years ago
Trump Threatens 25% Levy on iPhones Made Abroad

Trump Threatens 25% Tariff on iPhones Made Outside U.S.

1 month ago

Popular News

    Connect with us

    • About
    • Advertise
    • Careers
    • Contact Us

    © 2025 TECHECONOMY.

    No Result
    View All Result
    • News
    • Tech
      • DisruptiveTECH
      • ConsumerTech
      • How To
      • TechTAINMENT
    • Business
      • Telecoms
      • Mobility
      • Environment
      • Travel
      • StartUPs
        • Chidiverse
      • TE Insights
      • Security
    • Partners
    • Economy
      • Finance
      • Fintech
      • Digital Assets
      • Personal Finance
      • Insurance
    • Features
      • IndustryINFLUENCERS
      • Guest Writer
      • EventDIARY
      • Editorial
      • Appointment
    • TECHECONOMY TV
    • Apply
    • TBS
    • BusinesSENSE For SMEs

    © 2025 TECHECONOMY.

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In
    Translate »
    This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.