Nigeria flags spike in brute-force attacks

Nigeria flags spike in brute-force attacks

The National Information Technology Development Agency (NITDA) has warned Nigerians of escalating brute-force attacks targeting Virtual Private Network (VPN) and Secure Shell (SSH) services. 

The cybersecurity red flag from the Federal IT agency of Nigeria emanated from an advisory on heightened concerns raised by cybersecurity intelligence firm, Cisco Talos, NITDA said.

According to Cisco Talos, there has been a significant increase in malicious activities aimed at compromising various devices, including VPN services, web application authentication interfaces, and SSH services.

These brute-force attacks involve repeated login attempts using various username and password combinations, a development that pose serious threats to the security and integrity of digital systems.

One notable aspect highlighted by Cisco Talos and echoed by NITDA is the use of source IP addresses associated with proxy services such as TOR, VPN Gate, IPIDEA Proxy, and others. This tactic complicates detection and mitigation efforts, making it challenging to identify and neutralise the perpetrators behind these attacks.

Preventive Measures:
To mitigate the risk of falling victim to these attacks, NITDA emphasises the importance of implementing robust preventive measures, including:

  1. Regular Device Updates: Ensure that all devices are promptly updated with the latest security patches and updates to address known vulnerabilities.
  2. Strong Passwords: Utilise complex and unique passwords for authentication, and consider implementing multifactor authentication (MFA) to enhance security measures.
  3. SSH Configuration: Disable root SSH login and enforce strict access controls to authorised users only to minimise the risk of unauthorized access.

The success of these brute-force attacks can lead to severe consequences, including unauthorised network access, account lockouts, and denial-of-service conditions. Among the affected services are widely used VPN solutions such as Cisco Secure Firewall VPN, Checkpoint VPN, Fortinet VPN, and SonicWall VPN, along with others including RD Web Services, Miktrotik, Draytek, and Ubiquiti.

Analysts say that as cybersecurity continues to evolve, proactive measures and collaboration between stakeholders are crucial in combating the growing menace of brute-force attacks targeting VPN and SSH services.

Source of Article