A cyber-attack is a malicious act perpetrated in the digital realm, targeting computer systems, networks, or data for various purposes. These attacks range from theft of sensitive information, disruption of services, to causing financial or reputational harm. Attackers use a myriad of techniques like malware, phishing, or denial of service to breach defenses and exploit vulnerabilities.
Many financial institutions and telecom companies always fall prey to cyber criminals that steal money, and/or sensitive information, and demand ransom.
Recently, a hacking cartel hacked into the systems of two big Ugandan commercial banks, and accessed customers’ data, including account details of high profile clients.
The gang breached the banks’ systems and gained access to sensitive customer’ personal information, including account details such as names, identity cards, bank statements, deposits and credit records.
The hackers demanded a ransom worth $1 million, but the banks, obligated to protect client data, refused to pay the ransom and instead switched to a backup data center managed by Raxio in Namanve.
This, however, is not the only cyber-attack incident to occur.
The Africa Cybersecurity Report – Uganda 2019/2020 by Serianu, a Pan African cybersecurity firm, found that cyber-attacks in Uganda were on the rise, with a 300% increase in cybercrime reported in 2020. The report also estimated that cyber-attacks cost the Ugandan economy about 11.4 billion shillings in 2020. Out of 11.4 billion, only 51.8 million shillings was recovered.
The report identified a number of factors that contributed to the increase in cyber-attacks in Uganda, including: the COVID-19 pandemic, which led to an increase in remote work and online transactions, making organizations and individuals more vulnerable to cyber-attacks; the growing popularity of mobile banking and other online financial services, which created new targets for cybercriminals, the lack of cybersecurity awareness and training among many Ugandans; and lack of a comprehensive cybersecurity strategy for Uganda.
The report also identified a number of specific types of cyber-attacks that were common in Uganda, including: phishing attacks, in which cybercriminals send fraudulent emails or SMS messages designed to trick people into revealing their personal information or clicking on malicious links; malware attacks, in which cybercriminals infect computers and other devices with malicious software that can steal data, encrypt files, or disrupt operations; and ransomware attacks, in which cybercriminals encrypt files and demand a ransom payment in exchange for the decryption key.
Although it is not known what method the hackers used to launch the attack, it is believed that the hackers relied on a phishing attack whose goal is to steal sensitive data by tricking individuals into revealing sensitive information, such as login credentials, financial data, or personal information, or by installing malware on the victim’s machine.
Banks and telecom companies are the main targets of such attacks.
In 2018, Kampala Central Police Station (CPS) registered a case of unauthorized access and theft of money, worth 2.6 billion shillings stolen from Bionic Limited Systems, which operates a cloud based mobile payment system, while Criminal Investigations Directorate (CID) of the Uganda Police Force at Kibuli registered another case of unauthorized access and theft of money worth 802 million shillings filed by MTN Uganda.
Similarly, in 2019 dfcu Bank filed a case of unauthorized access and theft of 383 million shillings at CID offices in Kibuli, centenary bank filed a case of unauthorized access and theft of 800 million shillings at CPS.
In October 2022, Airtel was the target of cyber heist after hackers took control of a betting site that was used by bettors to place their bets after crediting their accounts with Airtel money. The hackers completed transactions on 1,800 SIM cards in a heist that is believed to have been enabled by insiders.
It is evident that cyber-attacks on Ugandan commercial banks and telecom companies have had far-reaching and detrimental effects on both the financial and telecommunications sectors.
The attacks have caused substantial financial losses due to theft of funds, data breaches, and fraud. The compromised financial data of customers and institutions has led to identity theft, causing lasting harm to individuals and reputational damage to businesses.
Remedies
The Uganda Communications Commission (UCC) Executive Director, Irene Kagwa says prevention of cyber-attacks requires institutions to consider investment in cyber security by building strong systems to minimize the problem.
“We need to invest in cyber security. We need to begin looking at it not as an expense, but rather an investment,” she says.
On the other hand, Bonisiwe Mandiwana, a security awareness ambassador at the Cyber Culture Foundation in South Africa says awareness is the way to go.
“Awareness. We the people drive this technology. The awareness needs to start from your security guard at the gate, to your CEO, to your board members. Awareness is very important.”
The Africa Cybersecurity Report – Uganda 2019/2020 by Serianu, a Pan African cybersecurity firm makes a number of recommendations to help reduce the risk of cyber-attacks in Uganda, including:
The report recommends increasing cybersecurity awareness and training among Ugandans, development of a comprehensive cybersecurity strategy for Uganda, and investments in cybersecurity technologies and solutions.
The report also recommends that organizations in Uganda take steps to protect themselves from cyber-attacks, such as implementing strong security policies and procedures, educate employees about cybersecurity best practices, invest in cybersecurity solutions such as firewalls, intrusion detection systems, and antivirus software, and regular backing up of data and testing backup systems.
Furthermore, the report recommends strengthening of law enforcement’s ability to investigate and prosecute cybercrimes.
In August last year, the Office of Directorate of Public Prosecutions (ODPP) and UCC signed a Memorandum of Understanding (MoU) to collaboratively investigate and prosecute cyber-crime cases.
The MOU established a network between ODPP and UCC, formation of provision of information, assistance in a timely and efficient manner, capacity building and knowledge sharing among others.
The MoU intended to improve the ability of prosecutors in the prosecution of cybercrime, and ultimately, all crimes through provision of technical support, capacity building training, information sharing, and technical assistance in the investigation and prosecution of cyber-crimes.
When DPP, Jane Frances Abodo was appointed in this role in April 2020, she created a cyber-crime unit as a specialized unit in order to prioritize, solicit and build relationships with willing entities, both government and private sector to fast track the investigation and prosecution of cybercrime.
It is therefore important to recognize that the increasing frequency and sophistication of cyber-attacks pose a growing threat to businesses, individuals, organizations, and nations alike. The incidents of data breaches, ransomware attacks, and other malicious activities underscore the urgent need for enhanced cybersecurity measures. It is clear that vulnerability is a stark reality that cannot be ignored.
Governments and businesses must collaborate to bolster their cyber defenses, invest in robust technologies, foster a cyber-resilient culture, and promote information sharing to stay ahead of cybercriminals.
Additionally, public awareness and education are equally critical, empowering individuals to protect themselves and their data from online threats.
