Connect with us

    Hi, what are you looking for?

    Tech

    NITDA Cautions Nigerians on New Email-based Attack from Solarwind Hackers

    The National Information Technology Development Agency (NITDA) has cautioned Nigerians of a widespread malicious email campaign undertaken by the hacking group- NOBELIUM.

    The caution came as a result of information obtained by Microsoft, a world renowned multinational technology company, and made available to National Information Technology Development Agency (NITDA).

    Mrs. Hadiza Umar, head, Corporate Affairs and External Relations, NITDA, gave this warning in a statement released on Sunday.

    She stated that cybercriminals leveraged the legitimate mass-mailing service, to masquerade as a US-based development organisation and distribute malicious URLs to a wide variety of organisations especially government organisations, non-government organizations (NGOs), think-tanks, military, IT service providers, health technology and research, and telecommunications providers.

    Mrs. Umar explained the cybercriminals antics involve the use of emails claiming to be an alert from USAID about new documents published by former President Donald Trump about “election fraud.”

    According to her, “Once users click the link in the email, the URL would direct them to the legitimate Constant Contact Service and then redirect to Nobelium-controlled infrastructure through a URL that delivers a malicious ISO file.

    “This in turn, enables the criminals to execute further malicious objectives, such as lateral movement, data exfiltration and delivery of additional malware.

    She advised Nigerians to be wary of such criminals masquerading as USAID and follow the following recommendations:

     Turn on cloud-delivered protectionin Microsoft Defender Antivirus or the equivalent to cover rapidly evolving attacker tools and techniques.

     Run EDR in block mode to enable antivirus block malicious artifacts (EDR in block mode works behind the scenes to remediate malicious artifacts that are detected post-breach.)

     Enable network protection to prevent applications or users from accessing malicious domains and other malicious content on the Internet.

     Enable investigation and remediation in full automated mode to allow antivirus take immediate action on alerts to resolve breaches.

     Use device discovery to increase your visibility into your network by finding unmanaged devices on your network and onboarding them

     Enable multifactor authentication (MFA) to mitigate compromised credentials.

     Block all Office applications from creating child processes.

    Users and administrators are advised to review and apply the above mitigations.

    To report an incident, contact NITDA CERRT via email [email protected] or via telephone +2348178774580.

    Spread the love
    Click to comment

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    ad

    You May Also Like

    Oil and Gas

    Leading oil and gas experts in Nigeria have called for the full adoption of digital technologies to overcome the complex challenges facing the country’s...

    News

    Russia’s Finance Ministry announced on Wednesday, September 24, that it plans to raise the country’s value-added tax (VAT) to help finance the ongoing war...

    Tech

    Lagos State has reaffirmed its position as Africa’s leading technology and innovation hub following the successful hosting of the GITEX Nigeria Tech Expo, Future...

    News

    The United States has reversed its visa restrictions on Ghana after the West African country agreed to accept west Africans deported by the United...