Rasomeware: How Scammers Steal Employees Credentials To Gain Access Into Cisco Network—NCC

Ransomware attacks have become a major threat to most organisations and individuals as regulators and cybersecurity experts are advocating for the adoption of stronger cybersecurity measures.

In Nigeria, telecom regulator, the Nigerians Communications Commission has advised organisations to scale up measures like ensuring their employees use strong, unique passwords for every account and enabling multi-factor authentication.

Also, the NCC said organizations must ensure regular systems backup.

Ransomware is a malware designed to deny a user or organization access to files on their computer until they pay the attackers ransom.

In a statement on Tuesday, the commission’s Computer Security Incident Response Team (NCC-CSIRT) explained one of the instances where Yanluowang ransomware group gained access to Cisco’s network in May, 2022.

The CSIRT said the ransomware found its way into Cisco’s network “using an employee’s stolen credentials after hijacking the employee’s personal Google account containing credentials synchronised from their browser.”

On August 10, 2022, a list of files from this security incident on the dark web was published.

But Cisco denied the impact of the security breach on its activities.

Cisco, is an American technology conglomerate corporation with headquartere in San Jose, California.

Cisco specializes in specific tech markets like the Internet of Things (IoT) and domain security among others.

The NCC said the breach could cause potential deployment to compromise computer systems, sensitive products and customers’ data theft and exposure.

According to the regulator, Cisco would be prone to huge financial loss as well as mar their reputations.

The regulator said, “In response to the attack, Cisco has immediately implemented a company-wide password reset. Users of Cisco products should ensure a successful password reset.

“As a precaution, the company has also created two Clam AntiVirus signatures (Win.Exploit.Kolobko-9950675-0 and Win.Backdoor.Kolobko-9950676-0) to disinfect any potentially compromised assets. Clam AntiVirus Signatures (or ClamAV) is a multi-platform antimalware toolkit that can detect a wide range of malware and viruses.”