Nigerian agency says it’s working to protect cloud providers from ransomware attacks

·
July 10, 2024
·
2 min read
cyberattack

The news: 

  • The Nigeria Computer Emergency Response Team (ngCERT), in protecting the country’s cyberspace from incidents like data breaches and denial-of-service (DoS) attacks, says critical Nigerian-based cloud service providers are targets of potential Phobos ransomware attacks. 
  • According to the government agency, there has been a rise in ransomware attacks targeting local cloud service providers. In response, the agency has collaborated closely with vulnerable and affected organisations to swiftly address and contain these incidents, aiming to prevent further escalation.
  • ngCERT disclosed that the most at-risk entities are information technology and communications services providers whose client base includes government agencies, financial institutions, telecom service providers, and non-governmental organisations in Nigeria, among others. 

Explaining the Phobos malware in a statement released on Monday, July 8, 2024, ngCERT noted that the ransomware-as-a-service enters vulnerable networks through phishing emails or IP scanning tools for identifying susceptible Remote Desktop Protocol (RDP) ports by delivering stealth payloads. 

Once in an organisation’s system, the ransomware encrypts the information and delivers ransom notes via emails, voice calls, or instant messaging platforms, giving the attacker free rein to commence extorting the victims. 

A successful Phobos attack could lead to system compromise, data loss, DoS, ransom payments, financial losses, and fraudulent activity, the agency said.

As a proactive measure, the agency has advised relevant organisations to implement mitigation strategies outlined in this document to help forestall the spread of malware.

Advertisement

TechCabal reports that at least one local cloud provider has been infiltrated with the Phobos ransomware, but has yet to name the company. 

Hackers took over the company’s infrastructure and encrypted their files, the same person said, declining to provide a timeline for the ransomware attack because he was not authorised to comment. 

READ MORE   Jumia losses dropped by 34% in 2020, yet it witnessed slower growth

The news of increased ransomware attacks might jeopardise the competitive edge of Nigerian cloud providers, which in recent years have been promoting themselves as more affordable and reliable alternatives to AWS and Microsoft Azure to companies seeking to cut cloud expenses. 

Earlier in the month, a report emerged that as many as five Nigerian cloud providers were lobbying the government to become their preferred choice for hosting sensitive government data. It remains to be seen how the recent news of ransomware attacks targeting these providers will impact the local cloud service business.

Subscribe To Techpoint Digest
Join thousands of subscribers to receive our fun week-daily 5-minute roundup of happenings in African and global tech, directly in your inbox, hours before everyone else.
This is A daily 5-minute roundup of happenings in African and global tech, sent directly to your email inbox, between 5 a.m. and 7 a.m (WAT) every week day! 
Digest Subscription

Give it a try, you can unsubscribe anytime. Privacy Policy.

Other Stories
43b, Emina Cres, Allen, Ikeja.

 Techpremier Media Limited. All rights reserved
magnifier