Posts

NCC inaugurates incident response facility to curb cybersecurity


…. Minister, ONSA, Lawmakers, others commend initiative

… Project will strengthen telecoms infrastructure protection– Danbatta

By Chibuike Nwabuko

Abuja (Sundiata Post) – In a move aimed at addressing incidences of cybercrimes, protecting telecoms infrastructure and encouraging increased participation in nation’s digital economy, the Nigerian Communications Commission (NCC) has inaugurated an incidence response facility.

The NCC Center for Computer Security Incident Response  is the Commission’s industry-specific intervention, whose objectives are aligned to the National Cybersecurity Policy and Strategy (NCPS) published by the Office of the National Security Adviser (ONSA). The NCPS requires each sector to establish a computer incident response team that provides requisite services to the stakeholders and players within each sector.

The overall mandate of the NCC-CSIRT is to ensure continuous improvement of processes and communication frameworks to guarantee secure and collaborative exchange of timely information while responding to cyber threats within the sector.

Speaking during the commissioning of the project in Abuja at the weekend, the Honourable Minister of Communications and Digital Economy, Prof. Isa Ali Ibrahim Pantami, described the Center as a strategic step in boosting cybersecurity in Nigeria and commended the Board of NCC and Danbatta-led Management of the Commission for ensuring successful implementation of the project.

Pantami noted that the commissioning of the Facility marks an important milestone in the telecommunications industry in Nigeria, and described it as a significant measure in the support of national efforts at protecting the information and communication technology infrastructure in the country.

“The creation of the Center is in line with the provisions of the National Cybersecurity Policy and Strategy (NCPS) document published by the Office of the National Security Adviser (ONSA), which was recently updated and launched by President Muhammadu Buhari in February 2021. In keeping with the principles enshrined in the policy, each sector is expected to establish a sectoral Computer Incident Response Team (CSIRT) that provides requisite services…

Source…

House lawmakers seek explanation from FBI’s Wray over ransomware response


By Sean Lyngaas, CNN

(CNN) — Leaders of the House Oversight and Reform Committee are questioning the FBI’s handling of a July ransomware attack on a Florida-based IT firm that compromised up to 1,500 businesses.

Reps. Carolyn Maloney, a New York Democrat, and James Comer, a Kentucky Republican, have requested a briefing from FBI Director Christopher Wray after the bureau reportedly withheld a key to decrypt the ransomware for nearly three weeks, potentially costing victims millions of dollars in recovery costs.

“Congress must be fully informed whether the FBI’s strategy and actions are adequately and appropriately addressing” the threat of ransomware to the US economy, Maloney and Comer wrote Wednesday in a letter to Wray that was shared with CNN. The lawmakers said they want to “understand the rationale behind the FBI’s decision to withhold” the key to unlock computers infected by the ransomware.

The FBI has in recent years ramped up resources to address ransomware, with FBI field offices across the country communicating with victim US companies. But a growing chorus of lawmakers wants to know if the bureau is balancing the need to protect victims with the need to disrupt criminal groups based in Eastern Europe and Russia.

Disrupting the hackers

The Washington Post reported last week that the FBI withheld the decryption key as the bureau planned an operation to disrupt the hackers, a Russian-speaking ransomware syndicate known as REvil. That operation never materialized as REvil mysteriously went offline in mid-July, only to reemerge in September.

The Washington Post was first to report on the letter to the FBI.

The July ransomware incident at the IT firm, Kaseya, rippled across the firm’s customer base of small and medium sized businesses as the hackers were able to breach about 50 of Kaseya’s clients and some 800 to 1,5000 customers of those clients.

An FBI spokesperson said the bureau received the letter and referred CNN to Wray’s recent congressional testimony.

In testimony last week in the Senate, Wray…

Source…

TECNO establishes Security Response Center to improve the security ecosystem


TECNO Mobile recently established official security response center (SRC), a platform for cooperation and exchanges between TECNO and security industry experts, researchers and organizations. This remarks a strategic move that reiterates TECNO’s consistent commitment on security and help upgrade TECNO’s security ecosystem to a higher level.

TECNO SRC has launched a bug bounty program to encourage external security researchers to submit vulnerabilities detected to the security team, and reporters are entitled to get an up to $7,000 reward based on the evaluation of the impact of vulnerabilities. More than 45 models under TECNO Mobile’s four smartphone lines -PHANTOM, CAMON, SPARK and POVA are listed for the bug bounty program.

Stephen Ha, general manager of TECNO said: “ At TECNO, our first priority is offering the most secure mobile experience to our users. SRC is of strategic significance for TECNO to create a comprehensive upgrade of TECNO’s security ecology. Through SRC, we have gone one solid step further on mobile security protection for our users in over 70 global emerging markets.” 

John Peng, head of security department said: “We understand that under current social circumstance, users’ privacy and information security are vital. TECNO has been continuously executing diversified plans in terms of enhancing our product security. By cooperating with international security professionals through the establishment of SRC, we are sure that we  can provide users more secure mobile using experience.”

Starting from coding, application and firmware, the security department carries out security management and audits at each stage of product design, development, testing and release. This is to ensure that all software installed on each device can pass a series of rigorous security checks, including the tests of TECNO security scanning platform, Google Play Protect, GMS BTS and VirusTotal. In addition, TECNO has been regularly sending 90-day security patch updates to users to ensure product safety and protect user equipment from malicious software.

Moving forward, TECNO plans to reach cooperation with the international vulnerability public testing platform…

Source…

Commvault adds new ransomware protection and response services


Commvault has announced new ransomware services designed to help businesses prepare for, protect against, and respond to ransomware. The new offering is called Commvault Ransomware Protection and Response Services and provides the resources and expertise needed to harden customers’ Commvault solutions from an attack, review the state of their data protection solution over time, and help them recover critical data when an attack does occur.

Commvault Ransomware Protection and Response Services includes two specific [email protected]

The Ransomware Protection Design and Plan service assists customers in validating their preparedness for ongoing threats and attacks. The offering will help organizations understand potential threats and risks impacting their ability to be ready. It offers tangible outcomes such as a readiness scorecard, key findings, and recommendations and a prioritised action plan.

The Commvault Ransomware Response Service provides the expertise and resources to help recover from an attack. As part of the service, Commvault provides a Ransomware Recovery Incident Manager backed by the Commvault Recovery Operations team. The service works with customers to identify and recover critical data and expedite a return to normal business operations.

These services complement Commvault Ransomware Protect and Recover solutions that deliver the critical capabilities for ransomware data protection.

More details.

Source…