News

Cyberattacks: NITDA cautions against hacking group masquerading as USAID

1 Mins read

The National Information Technology Development Agency (NITDA) has urged Nigerians to beware of a widespread malicious email campaign undertaken by a hacking group, Nobelium.

NITDA warned that the group is masquerading as the US Agency for International Development (USAID).

Mrs Hadiza Umar, NITDA Cooperate Affairs and External Relations’ Head, gave the warning in a statement she issued late on Sunday in Abuja.

Umar said the malicious group, uncovered by Microsoft company, had been discovered to leverage the legitimate mass-mailing service, to masquerade as USAID and distribute malicious Uniform Resource Locator (URLs) to a wide variety of organisations.

According to her, the group targets government organisations, Non-Government Organisations, think-tanks, the military, IT service providers, health, technology and telecommunications providers.

“Their antics involve the use of emails claiming to be an alert from USAID about new documents published by former President Donald Trump about election fraud.

“Once users click the link in the email, the URL would direct them to the legitimate Constant Contact Service and then redirect to Nobelium-controlled infrastructure through a URL that delivers a malicious International Organisation for Standardisation (ISO) file.

“This in turn enables the criminals to execute further malicious objectives, such as lateral movement, data exfiltration and delivery of additional malware,” she said.

The official further advised Nigerians to be wary of such criminals masquerading as USAID and turn on cloud-delivered protection in Microsoft Defender Antivirus or the equivalent to cover rapidly evolving attacker tools and techniques for mitigation.

She further said people should run Endpoint Detection and Response (EDR) in block mode to enable antivirus to block malicious artifacts because the EDR in block mode works behind the scenes to remediate malicious artifacts that were detected post-breach.

“Enable network protection to prevent applications or users from accessing malicious domains and other malicious content on the Internet.

“Enable investigation and remediation in full automated mode to allow antivirus take immediate action on alerts to resolve breaches.

“Use device discovery to increase your visibility into your network by finding unmanaged devices on your network and onboarding them

“Enable Multi-Factor Authentication (MFA) to mitigate compromised credentials and block all office applications from creating child processes,” she advised.

Umar said the mitigations should be applied by users and administrators.

She also said Nigerians could report an incident by contacting NITDA’S Computer Emergency Readiness and Response Team via email support@cerrt.ng or telephone +2348178774580.

   

About author
Time Nigeria is a general interest Magazine with its headquarters in Abuja, the nation’s Capital.
Articles
Related posts
Cover StoryNews

SDNON Elects Adeniyi Ifetayo, Gbenga Shaba as President, Vice President Amidst Keenly Contested Election

1 Mins read
The Society of Digital Newspaper Owners of Nigeria (SDNON) has successfully concluded its 2024 executive elections, ushering in a new leadership team…
Cover StoryNewsSecurity

HMOD Lauds NAF's Operational Readiness, Symbolically Fags Off Air Campaign Under Operation Fansan Yamma

1 Mins read
The Honourable Minister of Defence (HMOD), Dr Mohammed Badaru Abubakar CON mni, visited the Air Component of Operation FANSAN YAMMA in Katsina…
Cover StoryNewsPolitics

With Commitment, Resilience We Will Defeat Banditry, Terrorism — Defence Minister, Badaru

1 Mins read
The Honourable Minister of Defence H.E. Mohammed Badaru Abubakar CON mni has called on the Nigerian Airforce to intensify the use of…
Stay on the loop!

Subscribe to our latest news.

Leave a Reply

WP2Social Auto Publish Powered By : XYZScripts.com