New cyber attacks hit Nigeria

The Cyber Security Incident Response Team (NCC-CSIRT) of the Nigerian Communications Commission has independently identified two cyber vulnerabilities and advised Nigerian telecom consumers on the measures to be taken to protect against cyber attacks.

The CSIRT identified the two cyber attacks targeting consumers in its very first security advisories, less than three months after it was created, and offered solutions that can help telecom consumers avoid falling victim to the two cyber vulnerabilities, a statement by NCC said on Friday.

The first, called juice jacking, can give attackers access to consumers’ devices when they charge their cell phones at public charging stations, and it applies to all cell phones, according to the NCC.

It added that the other is a Facebook for Android friend acceptance vulnerability that affects only the Android OS.

According to CSIRT Security Advisory 0001, published on January 26, 2022, attackers have used juice jacking as a new way to gain unauthorized access to the devices of unsuspecting mobile phone users when they charge their mobile phones at public charging stations.

Many public areas, restaurants, shopping malls and even public trains offer complimentary services to improve customer service, one of which is the provision of charging ports or sockets.

However, an attacker can abuse this courtesy by loading a payload into the charging station or onto cables left plugged into the stations.

NCC said: “Once unsuspecting individuals plug their phones into the charging dock or cable left by the attacker, the payload is automatically downloaded to the victim’s phone.

“This payload then gives the attacker remote access to the cell phone, allowing them to monitor the data being transmitted as text or audio through the microphone.

“The attacker can even watch the victim in real-time if the victim’s camera is not covered.

“The attacker also gains full access to the gallery and also to the phone’s Global Positioning System (GPS) location.”

An attacker who gains access to a user’s cell phone in this way has remote access to it, leading to a breach of confidentiality, a breach of data integrity, and a bypass of authentication mechanisms.

According to NCC, symptoms of an attack can include a sudden increase in battery drain, the device running slower than usual, apps that take a long time to load and often crash when loading, and abnormal data usage.

However, the NCC-CSIRT offered solutions to this attack, including using a “charge-only USB cable” to avoid a USB (Universal Serial Bus) data connection; using an AC charging adapter in public spaces; and not granting trust when a portable device prompts for a USB data connection.

Other preventive measures against juice jacking include installing antivirus software and updating it to the latest definitions; keeping mobile devices up to date with the latest patches; using your own power bank; keeping the mobile phone off when charging in public places; and using a dedicated charger when charging in public.

On the other hand, the January 27, 2022 NCC-CSIRT Advisory 0001 warns that Facebook for Android is vulnerable to a permissions issue that grants anyone with physical access to the Android device the right to accept friend requests without unlocking the phone.

Affected products include Android OS versions 329.0.0.29.120.

With it, the attacker can add the victim as a friend and collect the victim’s personal information, such as email, date of birth, check-ins, mobile phone number, address, pictures and other information the victim may have shared that would be visible only to his/her friends.

To protect against the Facebook-related vulnerability, NCC-CSIRT’s security advisory recommended that users disable the feature in their device’s lock screen notification settings.

The NCC-CSIRT was inaugurated in October 2021 to provide guidance to constituents on how to deal with issues related to the security of critical infrastructure in their possession, regularly assessing, reviewing and compiling the threat landscape, risks and opportunities across the communications sector in order to advise relevant stakeholders in this regard.

A specific telecoms industry intervention whose objective aligns with the objective of the National Cybersecurity Policy and Strategy (NCPS) document published by the Office of the National Security Adviser (ONSA), the NCC-CSIRT ensures the continuous improvement of processes and communication frameworks to ensure a secure and collaborative sharing of timely information while responding to cyber threats within the sector.

More recently, the NCC-CSIRT has raised a number of cyber vulnerability awareness sessions based on security advisories it receives from Nigeria’s Cybersecurity Emergency Response Team (ngCERT), the national body responsible for implementing the NCPS target.

However, the juice jacking and Facebook for Android friend acceptance vulnerabilities are the very first two cyber vulnerabilities released by the NCC-CSIRT.
