Information Technology Systems and NEWS RELEASE: ITSSP OFFICE, NIGERIA – 21st May, 2017 Security Professionals (ITSSP)
RANSOMWARE ATTACK: A CALL FOR MORE VIGILANCE
This is a type of malware that is used by cyber criminals to launch digital assets or systems’ kidnapping. It is perpetrated for monetary gain, and the victim is usually notified of the exploit and guided on how to recover from the attack
Some of the signs are:-
- Locking of accounts
- Locking of system’s screen
- Locking of users’ files
- Infection of systems
- Encryption of digital assets
- Blackmails of users
- And many other
The Latest Wave of Ransomware Attack
The latest crime in the cyber world occasioned by WannaCry ransomware attack has been intimidating. The available statistics showed a staggering figure of more than 300,000 online users in about 150 countries. In some of these cases, systems that support mission-critical applications were affected and some individuals have their means of livelihood put on hold. The situation was so bad that the usability of computerized and internet-supported solutions is being challenged. Although, some level of succors came from certain cyber security experts and organizations by proving immediate security solutions ranging from blocking suspicious attacks to release of security patches.
We still do not know who is responsible for WannaCry attacks, but we do know that the ransomware was developed out of exploits leaked or stolen earlier this year from America’s National Security Agency (NSA), which had been stockpiling them for use in surveillance.
It is believed that this attack is one of the series of cyber attacks that will be perpetrated in the coming days. The WannaCry ransomware attack is a wake call for individuals, government and business.
Some other Known Sources of Ransomware
Ransomware are unknowingly installed by online users from a number of sources such as:
Phishing/SPAM emails: According to an online report from CSO, 90% of ransomware-based attack used phishing emails as attack vector. Therefore, users should be wary of messages from unknown sources promising reward, update or threat to suspend service. File extensions such as .aaa, .abc or 6-7 length extension of random characters are considered to be dangerous..
Downloader and Trojan Botnets: Certain software-hosting websites, especially free-downloading sites usually have hidden functionality which host malware/ransomware without the user noticing it.
Social engineering tactics: Ransomware can infect users’ system from online social networks in form of advertisement or downloadable manual of certain process.
Traffic Distributed Systems (TDS): In this case, cyber-criminals buy redirected web traffic to the site hosting the exploit kit so as to enable the drive-by–download of the malware.
- Awareness and Education
A key asset in the fight against ransomware is education. There is always a need for security experts, IT professionals, corporate organizations and individuals to keep sensitizing the public on the dangers and threats of Ransomware. They need to be aware that Ransomware exists in its various forms andwhat they can do to protect their systems. It does not matter how many firewalls, encryption software, certificate or two-factor authentication mechanisms an organization has,socially engineered attacks can still be perpetrated. Therefore, organizations and individuals using IT products/Internet-enabled solutions should invest in cyber security education through the use of appropriate techniques/methods such as:
- Use of office bulletin for cyber security education
- Dissemination of latest security breach to IT staff
- Use of games to communicate the dangers of security breach
- Regular evaluation of security preparedness of IT staff to security breach
- Regular workshops and seminars on management of emails, social network sites and other trending IT products
- Collaboration in sharing new security solutions among IT industries.
- Use of print and electronic media to inform the global public.
- IT Professionals Must Do The Needful
The WannaCry attacks were focused on older versions of the Windows operating system (OS) which are no longer automatically supported by Microsoft. Therefore, the biggest impacts are being felt in organisations with outdated software in countries like China and Russia, where many people use pirated software that do not receive regular vendor updates.
Organisations and Government agencies must not always be interested in saving money by delaying or ignoring software upgrades because of the critical effect on IT-based systems. The potential cost of running unsecure systems is much higher than ensuring adequate protection of critical IT infrastructure.
The use of updated software, downloading security patches from trusted sources, upgrading of OS on networked systems to latest versions, activating of Windows Defender Anti-virus, installation of credible anti-malware systems are the immediate ways of mitigating this attack.
- Adequate Reporting of Attack Incidences
For effective planning and prevention of cyber crimes, attacks incidences must be adequately reported. Though, agencies of government such as National Information Technology Development Agency (NITDA) and Office of the National Security Adviser have Computer Emergency Response Teams (Units). Unfortunately, these platforms are not quite efficient and unknown to majority of the citizenry. Presently, ITSSP has initiated a project on developing an effective and robust online platforms for reporting attack incidences to complement the existing ones. With this proposed platform, ITSSP will be able to provide realistic statistics on cyber attacks to government and organizations with a view to mitigate against them. ITSSP thereby seeks the support of all stakeholders in realizing this noble idea.
Information Technology Systems and Security Professionals (ITSSP), is an InfoTech security group of the Nigeria Computer Society (NCS), which has the mandate of protecting digital assets and all IT-based systems in Nigeria. The group is also involved in disseminating IT security solutions among various stakeholders in IT industries through regular workshops, seminars and other enlightenment programmes.
For more information on ransomware and other activities of ITSSP, kindly visit http//itsspng.org.ng
Prof. A. S. Sodiya