News
NCC-CSIRT identifies two cyber attacks via Facebook, charging phones
Nasiru Yusuf
The Nigerian Communications Commission’s Cyber Security Incident Response Team (NCC-CSIRT) has independently identified two cyber vulnerabilities and advised Nigerian telecom consumers on the measures to be taken to get protected from the cyber-attacks.
KANO FOCUS reports that the CSIRT, in its first-ever security advisories less than three months after its creation, has solely identified the two cyber-attacks targeting the consumers and proffer solutions that can help telecom consumers from falling victims to the two cyber vulnerabilities.
This is contained in a statement sent to KANO FOCUS by Director, Public Affairs Dr. Ikechukwu Adinde on Friday.
The statement said the first is described as Juice Jacking, which can gain access into consumers’ devices when charging mobile phones at public charging stations and it applies to all mobile phones.
The other is a Facebook for Android Friend Acceptance Vulnerability, which targets only Android Operating System.
According to CSIRT security Advisory 0001 released on January 26, 2022, with Juice Jacking, attackers have found a new way to gain unauthorized entry into unsuspecting mobile phone users devices when they charge their mobile phones at public charging stations.
Many public spaces, restaurants, malls and even in the public trains do offer complementary services to their customers in a bid to enhance customer services, one of which is providing charging ports or sockets.
However, an attacker can leverage this courtesy to load a payload in the charging station or on the cables they would leave plugged in at the stations.
“Once unsuspecting persons plug their phones at the charging station or the cable left by the attacker, the payload is automatically downloaded on the victims’ phone.
“This payload then gives the attacker remote access to the mobile phone, allowing them to monitor data transmitted as text, or audio using the microphone. The attacker can even watch the victim in real time if the victims’ camera is not covered. The attacker is also given full access to the gallery and also to the phone’s Global Positioning System (GPS) location.
“When an attacker gains access to a user’s Mobile phone, he gets remote access to the User’s phone which leads to breach in Confidentiality, Violation of Data Integrity and bypass of Authentication Mechanisms. Symptoms of attack may include sudden spike in battery consumption, device operating slower than usual, apps taking a long time to load, and when they load they crash frequently and cause abnormal data usage,” the statement said.
It added that the NCC-CSIRT, however, proffered solutions to this attack to include using ‘charging only USB cable’, to avoid Universal Serial Bus (USB) data connection; using one’s AC charging adaptor in public space; and not granting trust to portable devices prompt for USB data connection.
Other preventive measures against Juice Jacking, according to the statement include installing Antivirus and updating them to the latest definitions always; keeping mobile devices up to date with the latest patches; using one’s own power bank; keeping mobile phone off when charging in public places; as well as ensuring use of one’s own charger, if one must charge in public.
On the other hand, the NCC-CSIRT Advisory 0001 of January 27, 2022, warns that Facebook for Android is vulnerable to a permission issue which gives privilege to anyone with physical access to the android device to accept friend requests without unlocking the phone. The products affected include Versions 329.0.0.29.120 of Android OS.
With this, the attacker will be able to add the victim as a friend and collect personal information of the victim, such as Email, Date of Birth, Check-ins, Mobile phone number, Address, Pictures and other information that the victim may have shared, which would only be visible to his/her friends.
However, to be protected from the Facebook-associated vulnerability, NCC-CSIRT in the security advisory recommends to users to disable the feature from their device’s lock screen notification settings.
The NCC-CSIRT was inaugurated in October, 2021 to provide guidance and direction for the constituents in dealing with issues relating to the security of critical infrastructure in their possession, and periodically assess, review and collate the threat landscape, risks, and opportunities affecting the communications sector, in order to provide advice to relevant stakeholders in those regards.
As the telecoms-industry specific intervention, the objective of which aligns with the objective of the National Cybersecurity Policy and Strategy (NCPS) document published by the Office of the National Security Adviser (ONSA), the NCC-CSIRT ensures continuous improvement of processes and communication frameworks to guarantee secure and collaborative exchange of timely information while responding to cyber threats within the sector.
In recent times, NCC-CSIRT has raised series of cyber-vulnerability awareness based on security advisories it receives from the Nigerian Cybersecurity Emergency Response Team (ngCERT), which is the national body for the implementation of the NCPS objective. However, Juice Jacking and Facebook for Android Friend Acceptance Vulnerabilities are the two first-ever cyber vulnerabilities published by the NCC-CSIRT.
Nasiru Yusuf Ibrahim
The Society for Family Health has appointed Dayyabu Mahmud Yusuf as Group Director, Impact Partnership and Engagement, as well as Managing Director of RevoHealth HMO Ltd., in a move aimed at strengthening healthcare access and sustainable health systems across Nigeria and Africa.
KANO FOCUS reports that the appointment was announced on the organisation’s official Facebook page on Saturday.
According to SFH, the new leadership appointment signals the beginning of a fresh phase focused on improving impact, expanding access to healthcare services, and advancing sustainable health transformation initiatives across the continent.
The organisation stated that the appointment reflects its commitment to building integrated health systems and promoting innovative platforms in healthcare financing, workforce development, advisory services, and sustainable health interventions.
SFH expressed confidence that Yusuf’s leadership would further strengthen the organisation’s impact and deliver lasting value to communities across Nigeria and beyond.
Yusuf is a seasoned public health professional with more than 18 years of experience in the design and implementation of public health, social marketing, and health systems strengthening programmes in Nigeria.
He is widely recognised as a health systems expert, health economist, programme management specialist, and community engagement practitioner, with extensive experience in reproductive, maternal, newborn and child health (RMNCH), HIV/AIDS, malaria, child survival, and nutrition interventions.
He has also built strong technical expertise across the family planning and maternal, newborn and child health continuum, while leading large and complex teams on multiple development programmes.
Yusuf possesses strong advocacy and stakeholder engagement skills, having worked closely with senior government officials, lawmakers, and influential traditional and religious leaders to drive institutional and behavioural changes that support effective programme implementation.
A seasoned trainer, Yusuf has trained various cadres of health professionals and is known for his practical expertise in participatory community engagement approaches.
He holds a degree in Microbiology and a Master’s degree in Health Economics from Bayero University Kano, as well as an MSc in Microbiology from University of Abuja.
Nasiru Yusuf Ibrahim
A former Governor of Kano State Dr. Rabiu Musa Kwankwaso, has commended the Inspector-General of Police, Olatunji Disu, for ordering a fresh investigation into the disappearance of activist and lecturer Abubakar Idris Dadiyata.
KANO FOCUS reports that Kwankwaso made the remarks in a statement posted on his Facebook page on Saturday following recent testimony by a former aide to an ex-state governor, who allegedly claimed that police officers were responsible for Dadiyata’s disappearance in Kaduna.
Dadiyata, a lecturer and social media commentator, was abducted in 2019, and his whereabouts have remained unknown since then.
According to Kwankwaso, he and his associates have consistently advocated for a thorough investigation into the incident and for those responsible to be brought to justice.
He described the Inspector-General’s directive for a comprehensive investigation as a “decisive and long-overdue action,” expressing hope that the process would uncover the truth behind the disappearance.
The former governor also urged police authorities to place individuals named in the allegations under close surveillance to prevent interference with the investigation.
Kwankwaso further called on the government to ensure that Dadiyata, if found alive, and his family receive adequate compensation for the trauma and hardship they have endured over the years.
He commended members of the public for sustaining advocacy efforts on the case and also praised Abba Hikima Fagge for what he described as his important role in the latest developments surrounding the investigation.
Kwankwaso expressed optimism that the renewed probe would ultimately deliver truth and justice in the case.
Nasiru Yusuf Ibrahim
The Director General of the Telecommunications Regulatory Board (ART) of the Republic of Cameroon, Philemon Zoo Zame, on Wednesday visited the headquarters of the [Nigerian Communications Commission (NCC) in Abuja for a benchmarking exercise aimed at strengthening regulatory collaboration and knowledge sharing between both countries.
KANO FOCUS reports that during the visit, the Cameroonian telecom regulator met with the Executive Vice Chairman and Chief Executive Officer of NCC, Aminu Maida.
A statement issued by Ayiabari A. Kigbara, Manager, Media Relations, Public Affairs Department of the NCC, said the engagement focused on exchanging ideas and best practices in telecommunications regulation, with emphasis on enhancing efficiency and development within the sector.
SFH appoints Dayyabu Yusuf to lead strategic health partnerships, RevoHealth HMO
Kwankwaso commends IGP over probe into Dadiyata’s disappearance
Cameroon telecom regulator visits NCC for benchmarking exercise
Dangote Refinery maintains ex-depot price of PMS
Tinubu congratulates Garo on appointment as Kano deputy governor
Kano SUBEB disowns fake teachers’ recruitment results
Sarkin Fulanin Jaidinawa Abubakar Gwadabe Buhari dies, funeral set for Wednesday
Kano Judicial Commission sanctions Shariah Court Judges, other staff over misconduct
Tinubu nominates Kano’s Rabiu Umar as new NMDPRA chief
