NCC-CSIRT warns against two cyber vulnerabilities, says NCC

The Nigerian Communications Commission’s Cyber Security Incident Response Team (NCC-CSIRT) has identified two cyber vulnerabilities and advised telecoms consumers on measures to get protected from cyber-attacks.

The NCC Director of Public Affairs, Dr Ikechukwu Adinde, made this known in a statement on Friday, in Abuja.

Adinde said that the CSIRT, in its first-ever security advisory, less than three months after creation, had identified two cyber-attacks targeting consumers.

He said that the CSIRT had proffered solutions that could help telecommunication consumers from falling victim to the two cyber vulnerabilities.

According to him, the first was described as `Juice Jacking’, which can gain access into consumers’ devices when charging any mobile phones at public charging stations.

The other, he said, was a `Facebook for Android Friend Acceptance Vulnerability’, which targets only the Android operating system.

He further said according to CSIRT security advisory, 0001 released on Jan. 26, with Juice Jacking, attackers have found a new way to gain unauthorised entry into unsuspecting mobile phone users’ devices.

“This is when they charge their mobile phones at public charging stations.

“Many public spaces, restaurants, malls and even in the public trains do offer complementary services to customers, one of which is providing charging ports or sockets,’’ he said.

Adinde, however, said that an attacker could leverage this courtesy to load a payload in the charging station or cables they would leave plugged in at the stations.

“Once unsuspecting persons plug-in their phones at the charging station or the cable, the payload is automatically downloaded on the victim’s phone.

“This payload gives the attacker remote access to the mobile phone, allowing them to monitor data transmitted as text or audio using the microphone.

“The attacker can even watch the victim in real time if the victim’s camera was not covered.

“The attacker is also given full access to the gallery and also to the phone’s Global Positioning System (GPS) location,” he explained.

Adinde further said that an attacker gains access to a user’s mobile phone, he gets remote access which leads to breach in confidentiality, violation of data integrity and bypass of authentication mechanisms.

He stated that symptoms of attack may include sudden spike in battery consumption, device operating slower than usual, apps taking a long time to load, and when they load they crash frequently and cause abnormal data usage.

The director said that the NCC-CSIRT, however, had also proffered solutions to this attack, which include using, ‘charging only USB cable’, to avoid Universal Serial Bus (USB).

He also said that another solution was data connection; using one’s AC charging adaptor in public space; and not granting trust to portable devices prompt for USB data connection.

“Other preventive measures against Juice Jacking include; installing antivirus and updating them to the latest definitions always; keeping mobile devices up to date with the latest patches.

“Using one’s own power bank; keeping mobile phone off when charging in public places, as well as ensuring use of one’s own charger, if one must charge in public,’’ he said.

Adinde said that the NCC-CSIRT advisory 0001, warned that Facebook for Android was vulnerable to a permission issue.

This gave privilege to anyone with physical access to the android device to accept friend requests, without unlocking the phone.

“The products affected include versions 329.0.0.29.120 of Android OS. With this, the attacker will be able to add the victim as a friend and collect personal information of the victim.

“Information such as email, date of birth, check-ins, mobile phone number, address, pictures and other information that the victim may have shared, which will only be visible to his or her friends,’’ the director said.

He said that NCC-CSIRT, in the security advisory, also recommended to users to disable the feature from their device’s lock screen notification settings, to be protected from the Facebook-associated vulnerability.

“The NCC-CSIRT was inaugurated in Oct. 2021 to provide guidance and direction for the constituents in dealing with issues relating to the security of critical infrastructure in their possession.

“NCC-CSIRT is to periodically assess, review and collate the threat landscape, risks, and opportunities affecting the communications sector, in order to provide advice to relevant stakeholders in those regards.

“The NCC-CSIRT also ensures continuous improvement of processes and communication frameworks, to guarantee secure and collaborative exchange of timely information while responding to cyber threats within the sector.

“As the telecoms-industry specific intervention, the objective aligns with the objective of the National Cybersecurity Policy and Strategy (NCPS) document published by the office of the National Security Adviser,” he said.

Adinde added that recently, NCC-CSIRT raised series of cyber-vulnerability awareness based on security advisories it received from the Nigerian Cybersecurity Emergency Response Team, the national body for the implementation of NCPS objective.