Nigerian banks and other corporate organisations globally have been put on red alert over new and advanced internet scammers operating within the country.
This is coming as the Central Bank of
Chief Information Security Officer, CBN, Mr.
Speaking on the topic, "Ensuring Information Security Assurance through Policy Framework," Longe said cyber security has become an issue the central bank was taking with all seriousness and thoroughness, especially in the cashless economy regime.
He said the cashless scheme would go live nationwide next month, adding that CBN was not unaware of the need to collaborate with various stakeholders to ensure that banks and other players in the financial services sector ensured maximum information security.
According to him, information security is concerned with the confidentiality, integrity and availability of data regardless of the form the data takes, whether electronic, print or otherwise.
Longe said, "financial institutions, hospitals, telecommunication corporations and private businesses, among others, amass a great deal of confidential information about their customers, employees, products, research findings and financial status.
He explained that the market value of global cyber crime had reached
Longe said the rising wave of cyber crime globally was alarming "and it is on that basis that
However, Palo Alto's new 419 Evolution report reveals that although experts in social engineering with their infamous advance-fee fraud scams, Nigerian cyber criminals are novices when it comes to launching malware campaigns.
The vendor's newly created Unit 42 threat intelligence arm detailed one such campaign, Silver Spaniel, aimed at its Taiwanese and South Korean customers.
The malware in question, NetWire, is a Remote Administration Tool (RAT) readily available on underground forums.
Typically it's hidden in an email attachment, with the attackers opting thus far not to exploit any software vulnerabilities but instead relying on social engineering to trick users into installing the RAT.
The attackers apparently configure each RAT to connect to a No-IP dynamic DNS domain and use a VPN to hide their IP address. Popular crypter tool, DataScrambler, is also used to help evade detection by many AV tools, the report said.
"Silver Spaniel actors' objective appears to be stealing passwords and other data they can use to further compromise their victim," it continued. "Thus far we have not observed any secondary payloads installed or any lateral movement between systems but cannot rule out this activity," the report claimed.
"It's clear that their efforts are still a work in progress, given the 'tactics, techniques and procedures' used are relatively unsophisticated. For example, several attackers have been spotted by Palo Alto because they exposed their IP address," the report claimed.
Most Popular Stories
- PBS Series Examines America's Demographic Shift
- Tim Cook Has Proved That Apple is His Baby
- Royals Beat A's in 12-inning Wild Card Thriller
- Construction Spending Down Again for August
- Texas Sees Gains in Hispanic College Enrollment
- Americans Bet Big on Gambling Industry
- California's Ban on Plastic Bags: What Now?
- Petri Likely Broke House Ethics Rules
- Exxon Gives Nod to Fracking Risks
- Morgan: 'Can't Believe' Wal-Mart Blaming Him