Connect with us

Security

NITDA Advises Nigerians To Be Wary Of IGVM Ransomware

Published

on

NITDA Advises Nigerians To Be Wary Of IGVM Ransomware, SiliconNigeria

The National Information Technology Development Agency (NITDA) has advised Nigerians to be wary of IGVM, a file-encrypting Ransomware infection that restricts access to data (documents, images, videos) by encrypting files with the “igvm” extension.

The ransomeware attempts to extort money from victims by requesting for “ransom”, in the form of Bitcoin cryptocurrency in exchange for access to data. This crypto-virus spreads in different methods like web injectors, pirated software, spam emails, malicious software bundles, fake software updates, and deceiving online ads.

A statement by Head, Corporate Affairs and External Relations, NITDA, Mrs Hadiza Umar said the primary task of IGVM ransomware virus is to check your computer system for target file formats and encrypt them using a private RSA key. Once virus locks the files, it then runs several commands via CMD.exe to delete Volume Shadow Copies from your system.

“It equally prevents the victims from restoring their file copies for free, using Windows tools. Next, the virus modifies Windows HOSTS file by adding a list of domains to it. These domains are mostly computer or IT-relates websites, so the attackers capitalize on this measure to prevent the victim from seeking help or information online.

She said NITDA is hereby urging general public to follow these recommendations: Ensure regular data backup and recovery plan for all critical information; Use application whitelisting to help prevent malicious software and unapproved programs from running; and Keep operating system and software up-to-date with the latest patches.

“Maintain up-to-date anti-virus software, and scan all software downloaded from the internet before installing; Do not follow unsolicited web links in emails; Do not download or open suspicious email attachments; and Do not open emails from suspicious recipients.

“Furthermore, if paying up seems like the only reason to get your files back, we strongly advise against ransom payments. Various cybersecurity experts do not recommend paying up due to the following reasons: The criminals might stop responding as soon as you transfer money to their virtual wallet address; The so-called decryption tool can be faulty or fail to work due to data modification on your end;

“Avoiding funding this illegal business model. The fact that ransomware operators collect millions in ransoms each year simply encourages people to join this cybercrime industry. To report an incident, contact NITDA CERRT via email support@cerrt.ng or via telephone +2348178774580,” she wrote.

Continue Reading
Advertisement Advertisement
Click to comment

Leave a Reply

Security

Hidden Tricks and Tools Embedded in your Free VPN

Published

on

Hidden Tricks and Tools Embedded in your Free VPN, SiliconNigeria

By Muyiwa Awosile

Since the Federal Government of Nigeria implemented the ban on Twitter, many Nigerians have resorted to using Free Virtual Private Network (VPN) software to bypass the restrictions put in place by the Internet Service Providers in the country (ISPs) on their networks.

A VPN software works by creating a secure connection between a user’s device and the internet. When you connect to the internet through a VPN software, all the data traffic from your device is sent through an encrypted virtual tunnel and this can make you safer, anonymous and freer on the internet as you’ll be able to access websites and online services that would otherwise be blocked.

There are two main types of VPN software – the FREE ones (which are more popular with Nigerians) and the Premium ones which you have to pay a subscription for. Using a free VPN could actually make you less safe online, cost you more than you realise, and ruin your entire internet experience. Premium VPNs on the other hand offer a lot more protection, for a small fee, without the hidden dangers that Free VPNs expose users to. Before using a free VPN, you need to be aware of the drawbacks associated with them. Five of these are explained below.

Your Security could be Compromised

One of the primary purposes of a VPN is to protect you from hackers but unfortunately some VPNs actually contain malware, adware or other malicious software which can compromise your device leading to security breaches. A lot of the malware is related to advertising as free VPN software developers rely on advertising for revenue.

Online Activity Tracking

A major reason people use VPNs is to protect their privacy while browsing the internet but unfortunately many free VPNs have third-party trackers embedded in the software. These trackers are used to gather data on the user’s online activity, so advertisers are better able to target users with ads. So instead of providing users with privacy, the VPNs are doing the exact opposite, by collecting user information and selling it to the highest advertising bidder.

Limited Data Usage

Many free VPNs limit the amount of data you can use. They do this to push users into upgrading to a paid plan out of sheer frustration.

Slower Internet Speed

Free VPNs can also lead to slower internet speeds leading to a frustrating user experience. This is because traffic from the free version is sometimes deprioritised when compared to the paid or premium versions. Free VPNs can also slow down your internet speeds when targeted ads are displayed. The justification for the ads is that since users are not paying any monthly subscriptions, free VPNs need another way to make money off them.

Potential vulnerability to botnets

A botnet infects a large number of individual computers or devices with malware and harnesses them together to carry out an attack. Some VPN products are designed to harness the processing power from the devices of their free users and offer that power to their paying customers for profit. This is of serious concern as cyber criminals are able to exploit this vulnerability to launch attacks on unsuspecting VPN users.

VPNs are complicated software that require a great deal of investment to create and maintain. They constantly need to keep up with the ever-changing world of internet privacy. That is why Free VPN providers try to cover their costs and generate revenue from their users by embedding hidden tools and tricks. These tactics are not only dangerous and risky but completely negate the principles of security and privacy that VPNs are supposed to be built for in the first place.

Muyiwa Awosile is a Cybersecurity and Data Privacy Consultant and Managing Director of Tros Technologies. He could be reached via 01 630 9573 ext 105 or hello@trostechnologies.com

Continue Reading

Africa Region

NITDA, Kaspersky, DELL, Others Address ‘New Normal’ With Cybersecurity In Africa

Published

on

NITDA Kaspersky DELL Others Address ‘New Normal’ With Cybersecurity In Africa, SiliconNigeria

With an aim to develop counterintelligence to tackle the increasing number of cybercrimes in Africa, Tradepass hosted more than 1500 cyber enthusiasts virtually at the 3rd edition of CyFrica recently.

With global pandemic impacting around the world, Africa experienced a surge in the remote working (work-from-home) figures with an increased usage of insecure remote/home servers, making the region more vulnerable to cybercrimes.

CyFrica 2021: LIVE laid out the best practices required for public and private enterprises to understand the threats surrounding the digital landscape and the necessary measures to mitigate the whole issue.

“From time to time, there is a need for risk assessment to evaluate the risk of this new normal which is working remotely”, said Dr. Mohammed Onimisi Yahaya, Assistant Director, National Information Technology Development Agency (NITDA) at the recent virtual conference CyFrica 2021: LIVE last month.

Kaspersky’s Head of Research Center META, Dr. Mohamad Amin Hasbini, while sharing his insight on the current pandemic period mentioned, “The attackers will continue to exploit the pandemic without any shame or restriction as they have not even spared the medical research centers that are working on developing the vaccine”.

Dell Technologies – DPS Division’s Manager of Systems Engineering, Ravi Baldev said, “If you want to protect your digital transformation journeys, you got to have the right mechanisms”, while enlightening all the participants on data protection.

Talking about cyber resilient strategies for businesses, Enrico Salvatori, Business Consultant – Security at Micro Focus stated, “A resilient organization is one that understands how to anticipate threats, withstand problems, recover from breaches and evolve to the next version of itself”.

The virtual summit covered a variety of topics like ‘Securing the future of work with Cyber AI’, ‘Diplomacy in Cyberspace’, ‘Africa’s Cyber Security Culture’ and many others. The summit also threw light on the emerging, new-age technologies and discussed the vulnerabilities faced by the 5G networks in Africa.

Moreover, it left no stone unturned while giving an analysis about cybercrimes and security, every piece of industry intelligence related to Cloud Management, Malwares, Ransomware, Implementing the Zero Trust framework, Banking Trojans, Security Breaches, AI for cyber security, etc.

Continue Reading

Security

Senate Mulls Legal Backing for National Emergency Number 112

Published

on

Senate Mulls Legal Backing for National Emergency Number 112, SiliconNigeria

Nigeria’s upper legislative chamber, The Senate, has taken further steps towards strengthening the legal status for the country’s National Emergency Number 112, being implemented by the Nigerian Communications Commission (NCC) though it’s Emergency Communication Centres (ECC).

The Senate Committee on Communications recently organised a one-day public hearing where stakeholders gathered to make valuable contributions and observations on two bills by the Senate Committee on Communications. These are the Nigerian Postal Service Act (Repeal and Establishment) Bill, 2021 and the Nationwide Toll-Free Emergency Number (Establishment) Bill, 2021, being sponsored by Senator Ibikunle Amosun of Ogun State.

The emergency number bill passed the second reading on Wednesday, April 21, 2021 and the recent Senate public hearing on the bill was to have extensive discussion towards making the bill more robust to ensure a more effective, uniform and well-coordinated national emergency number 112, when it is finally passed into law, similar to the 999 emergency number in the United Kingdom and 911 in the United States.

Speaking at the public hearing, Senate President, Dr. Ahmed Lawan, stressed the desirability of the passing of such a bill into an Act of national Assembly, adding that the critical role of communication in modern day, especially in handling emergency situations cannot be over-emphasized.

Similarly, the Chairman of the Senate Committee, Oluremi Tinubu, said the bill, when passed, will establish the Nationwide Toll-Free Number as a primary emergency number and contact point for all emergency services in Nigeria, thereby harmonizing the various emergency numbers in the country into one uniform number while, at the same time, empowering the NCC to supervise and ensure compliance.

Represented by his colleague, Senator Odebiyi Akinremi, Senator Amosun said the bill seeks to make 112 the Emergency Number of Nigeria, stating that “this will enable citizens have access to quick and timely response in respect of all forms of emergency situations such as road accidents, fire outbreaks, burglary , medical emergencies and so on.”

Also speaking, the Minister of Communications and Digital economy, Dr. Isa Ali Ibrahim Pantami, commended the Senate for organizing the public hearing. The Minister said while NCC had established functional ECCs across 23 states and the Federal Capital Territory (FCT), Abuja, efforts are in top gear to ensure ECC is established in the remaining 13 states of the Federation for the processing of the emergency calls through the 112 Number.

At the public hearing, the Executive Vice Chairman of NCC, Prof. Umar Garba Danbatta, made a number of valuable recommendations that will make the bill, which he said might be cited as the ‘National Emergency Communication Act, 2021’ when passed into law, more effectual in terms of board composition, scope as well as ability to accommodate emergency services by different statutory and regulatory agencies.

Continue Reading

Popular News

%d bloggers like this: