NCC Warns Telecom Consumers About 2 Cyber Vulnerabilities

NCC Warns Telecom Consumers About 2 Cyber Vulnerabilities

1/29/2022 10:59:00 AM

NCC Warns Telecom Consumers About 2 Cyber Vulnerabilities

The Nigerian Communications Commission’s Cyber Security Incident Response Team (NCC-CSIRT) has independently identified two cyber vulnerabilities and

“When an attacker gains access to a user’s Mobile phone, he gets remote access to the User’s phone which leads to breach in Confidentiality, Violation of Data Integrity and bypass of Authentication Mechanisms. Symptoms of attack may include sudden spike in battery consumption, device operating slower than usual, apps taking a long time to load, and when they load they crash frequently and cause abnormal data usage,” the statement added.

ADVERTISEMENTThe NCC-CSIRT however, proffered solutions to this attack to include using ‘charging only USB cable’, to avoid Universal Serial Bus (USB) data connection; using one’s AC charging adaptor in public space; and not granting trust to portable devices prompt for USB data connection.

Read more: LEADERSHIP NEWS »

Family Of 13-Year-Old Boy Flogged To Death By Lagos Teacher Accuses School Of Cover Up | Punch

The family of a 13-year-old boy, Oluwatobiloba Emmanuel, who was flogged to death by his teacher, has accused his school, Simple Faith Schools, Agbara, Lagos... Read more >>

NCC Warns Telecom Consumers About Two Cyber VulnerabilitiesThe Nigerian Communications Commission’s Cyber Security Incident Response Team (NCC-CSIRT) has independently identified two cyber vulnerabilities and

How cyber attackers access mobile phones when charging in public -NCCcyber attackers to gain unauthorised entry into unsuspecting mobile phone users devices when they charge their mobile phones at public charging All of a sudden they sound tech savvy mtcheww

Cyber-stalking: We are not backing down on Malabu scandal - HEDAChairman of the Human and Environmental Development Agenda (HEDA) Resource Centre, Mr. Olanrewaju Suraju yesterday said he would not be cowed to back down in the case of the Oil Prospecting License (OPL) 245 popularly known as the Malabu scandal.

Fresh cyber attacks hit NigeriaThe Nigerian Communications Commission’s Cyber Security Incident Response Team (NCC-CSIRT) has independently identified two cyber vulnerabilities and advised Nigerian telecom consumers on the measures to be taken to get protected from the cyber-attacks.

NCC widens ICT options to empower youths — DanbattaThe Executive Vice Chairman of the Nigerian Communications Commission (NCC), Professor Umar Garba Danbatta has disclosed that NCC has put various Information Communication Technology (ICT) youth empowerment initiatives in place to help the youths.

NCC Warns Telecom Consumers About Two Cyber VulnerabilitiesThe Nigerian Communications Commission’s Cyber Security Incident Response Team (NCC-CSIRT) has independently identified two cyber vulnerabilities and

49 mins ago “When an attacker gains access to a user’s Mobile phone, he gets remote access to the User’s phone which leads to breach in Confidentiality, Violation of Data Integrity and bypass of Authentication Mechanisms. Symptoms of attack may include sudden spike in battery consumption, device operating slower than usual, apps taking a long time to load, and when they load they crash frequently and cause abnormal data usage,” the statement added. ADVERTISEMENT The NCC-CSIRT however, proffered solutions to this attack to include using ‘charging only USB cable’, to avoid Universal Serial Bus (USB) data connection; using one’s AC charging adaptor in public space; and not granting trust to portable devices prompt for USB data connection. Other preventive measures against Juice Jacking include installing Antivirus and updating them to the latest definitions always; keeping mobile devices up to date with the latest patches; using one’s own power bank; keeping mobile phone off when charging in public places; as well as ensuring use of one’s own charger, if one must charge in public. On the other hand, the NCC-CSIRT Advisory 0001 of January 27, 2022, warned that Facebook for Android is vulnerable to a permission issue which gives privilege to anyone with physical access to the android device to accept friend requests without unlocking the phone. The products affected include Versions 329.0.0.29.120 of Android OS, the commission said. “With this, the attacker will be able to add the victim as a friend and collect personal information of the victim, such as Email, Date of Birth, Check-ins, Mobile phone number, Address, Pictures and other information that the victim may have shared, which would only be visible to his/her friends. “However, to be protected from the Facebook-associated vulnerability, NCC-CSIRT in the security advisory recommends to users to disable the feature from their device’s lock screen notification settings,” it said. The NCC-CSIRT was inaugurated in October, 2021 to provide guidance and direction for the constituents in dealing with issues relating to the security of critical infrastructure in their possession, and periodically assess, review and collate the threat landscape, risks, and opportunities affecting the communications sector, in order to provide advice to relevant stakeholders in those regards. ADVERTISEMENT “As the telecoms-industry specific intervention, the objective of which aligns with the objective of the National Cybersecurity Policy and Strategy (NCPS) document published by the Office of the National Security Adviser (ONSA), the NCC-CSIRT ensures continuous improvement of processes and communication frameworks to guarantee secure and collaborative exchange of timely information while responding to cyber threats within the sector,” the statement said. In recent times, NCC-CSIRT has raised series of cyber-vulnerability awareness based on security advisories it receives from the Nigerian Cybersecurity Emergency Response Team (ngCERT), which is the national body for the implementation of the NCPS objective. However, Juice Jacking and Facebook for Android Friend Acceptance Vulnerabilities are the two first-ever cyber vulnerabilities published by the NCC-CSIRT.