According to the NCC, these measures include ensuring that organisations’ employees use strong, unique passwords for every account and enabling multi-factor authentication where it is supported to prevent “ransomware attacks”.

The NCC also urged organisations to ensure regular systems backup.

The NCC-CSIRT’s warning was contained in its advisory of August 12, 2022, after the “Yanluowang Threat”, where hackers gained access to Cisco’s network using an employee’s stolen credentials after hijacking the employee’s personal Google account containing credentials synced from their browser.

Ransomware is a malware designed to deny a user or organisation access to files on their computer until they pay the attackers. Cisco reported the security incident on its corporate network but said it did not identify any impact on its business.

However, the threat actors published a list of files from this security incident on the dark web on August 10.

In a statement by the NCC, signed by the Director, Public Affairs, Reuben Muoka, on Saturday, the NCC-CSIRT estimated “potential damage from the incident to be critical while predicting that successful exploitation of the ransomware will result in ransomware deployment to compromise computer systems, sensitive products, and customers’ data theft and exposure”.

It also stated that there may be a huge financial loss to organisations by incurring significant and indirect costs which could also mar their reputations.