Uganda’s Central Bank has fallen victim to a cyberattack, shaking the country’s financial sector. Officials say hackers, possibly from Southeast Asia, targeted the bank about two weeks ago. The hacker group, which identifies itself as “Waste,” was able to gain access to the Bank’s IT systems, leading to a transfer of funds overseas. The news was confirmed by Henry Musasizi, Uganda’s Minister of State for Finance, during a recent parliamentary meeting.
While media reports initially suggested that $17 million was stolen, the bank displayed a quick response and was able to recover almost half of the stolen money. Musasizi clarified that the scale of the breach is under investigation, urging patience until the audit concludes next month. The initial investigations point to some insider involvement in the act along with the external attackers.
Reports suggest that the stolen funds were funneled into accounts in Japan and the U.K., with British authorities freezing $7 million. Unfortunately, a portion of the money had already been withdrawn. Opposition leader Joel Ssenyonyi expressed deep concern, warning that such incidents erode trust not only in commercial banks but also in the nation’s central financial institution.
Cyberattacks against financial institutions are nothing new; they are getting more sophisticated day by day. The institutions of Uganda face cyber attacks throughout the year, but most of them are reluctant to share their incidents, fearing loss of trust and impact on their customer base. The ongoing digital revolution throughout the country and the low level of cyber control are the reasons that make the financial institutions of Uganda vulnerable to cyber attacks. As per the research, cyber attacks in Africa cost more than $4 billion annually, and it’s increasing every year. The Communications Authority of Kenya informed that the country lost almost $83 million to cyber thefts in the year 2023, which makes Kenya the second most attractive target country in Africa.
Institutions across Africa are spending close to $4.35 million annually in restoring services that are affected by a cyber attack, but a lot of work needs to be done to improve the IT systems of various institutions across the continent. The IT systems need to be made more resilient and robust to fight against cyber attacks and develop in parallel with the evolving cyber attacks to safeguard themselves as well as their customers.
This breach serves as a wake-up call for the global financial sectors to consider security as a priority. This breach involves a loss not only in the economic aspect but also in national security and public confidence.
The audit report, expected in a month, will help explain what went wrong and suggest ways to stop similar attacks in the future. It will likely uncover weak spots in the system and recommend better security measures to protect the bank and its funds.
