Saturday, December 28, 2024

Bank of Zambia refused to pay ransom to hackers

Share

The Bank of Zambia says it refused to pay ransom to a group known as Hive that was behind a cybersecurity breach that caused minimal damage to its systems last week.

Last week, the Central Bank disclosed that recent technical outages resulted from a cyberattack.

“All of our core systems are still up and running,” Greg Nsofu, information and communications technology director at the Bank of Zambia, told Journalists in Lusaka.

“The disruption, which affected some systems at the Bank such as the Bureau De Change Monitoring System and the Website, emanated from a suspected cybersecurity incident. We wish to advise that these systems have since been fully restored.”

“Not much sensitive data has actually been shipped out.”

Mr. Nsofu said, “So we pretty much told them where to get off,” confirming that it was someone affiliated with the bank who responded to Hive.

After suffering a ransomware attack by the Hive operation, the Bank of Zambia made it clear that they were not going to pay by posting a picture of male genitalia and telling the hackers to s… (well, you can use your imagination).

While the Bank of Zambia did not disclose the details of the cyberattack, BleepingComputer learned that the attack was conducted by the Hive ransomware operation, which claimed to have encrypted the bank’s Network Attached Storage (NAS) device.

However, instead of paying the ransom, the bank representatives responded to the ransom negotiation by making fun of the hacker’s ’14m3-sk1llz.’

They then proceeded to post a link to a dick pic while stating, “suck this dick and stop locking bank networks thinking that you will monetize something, learn to monetize.”

BleepingComputer has contacted the Bank of Zambia with further questions about this incident but has not received a response.

15 COMMENTS

  1. Was it hacked by PF puppets ?
    Excuse me asking this I just feel they’ll go to any lengths to gain a buck or two

    2
    8
  2. Tikki when do you ever hear about a central bank being hacked anywhere in the world? It is clear this is an inside job. Kalyalya and his criminal friends are behind this .

    7
    4
  3. Nasty & stupid. Which sensible hacker would hack a poor nation like Zambia??Pretty desperate eh! Don’t pay!

    #plant a tree please.

    4
    2
  4. FYI – A few examples, Just to HELP THOSE WHO LACK INFORMATION, but commenting by spewing rubbish and misinformation.
    Mar 24, 2022 — The hacker collective Anonymous claims to have hacked the Central Bank of Russia and is threatening to release more than 35,000 files……
    — The European Central Bank (ECB) had to shut down one of its websites after it was hacked ,,,,
    Jun 29, 2021 — COPENHAGEN, June 29 (Reuters) – Denmark’s central bank was compromised in last year’s global SolarWinds hacking operation,,,,,
    Jan 10, 2021 — New Zealand’s central bank says that one of its data systems has been breached by an unidentified hacker ……
    Dec 12, 2021 — The Philippine central bank is monitoring a surge in complaints of hacked bank accounts

    2
    3
  5. general KANENE has put this ignorant or just naive impostor @2 to shame. Criticizing and condemning every act by the UPND out of hatred for HH. You’ll never step back in the corridors of power again, not at least for the next ten (10) years that HH will rule this country.

  6. Just a layman’s observation. If you fail to pay ransom, the kidnappers usually kill the victim. Don’t crucify me, it’s just an observation.

    3
    2
  7. How can a central bank which is supposed to have the highest security system and malware protection be hacked. This means people in BOZ tech staff were sleeping.

    2
    1
  8. Refusing to pay should not equal being inappropriate and insulting! Perhaps BOZ could have acted smarter and led the hackers on to obtain more info which could then be shared with interpol leading to them being busted. Reading some of the language(insulting) attributed to BOZ, I have two conclusions;

    1. the story is not entirely accurate
    2. BOZ is overrun by chongololos and the IT dept should be re-organized! Sha!

  9. Cybercrime is a serious global problem. they will hack anyone even individuals. please stay laert to this risk.

  10. Obviously, I am not reading this right. Who posted the picture BoZ or Hackers? As one involved with Red and Blue Team mobilization, I find this story cheap and childish. BoZ was attacked by a Script Kiddie not some seasoned hacker. The level and packaging of Ransomware has become so sophisticated to the degree that even tough tested agencies have been hacked and actually ended up paying the ransom. Aware from red teaming, let’s talk blue teaming. BoZ you urgently need to engage a third party to conduct vulnerability assessment and penetration test of your perimeter network and security. If not already ensure all sensitive information at rest, in use and in motion is encrypted with industry supported protocols like AES256. Leverage secure tunnels for information transfer and…

  11. avoid use of legacy authentication protocols. Examine all processes, technology and people. People are the weakest attack vector in any cyber breach, therefore, engage in a wide scale security awareness campaign with a focus on phishing emails, social engineering attacks, vishing, smishing, spear-phishing and whaling attacks. Add multifactor authentication (MFA) or passwordless authentication immediately.

  12. Cyber Crime is serious problem globally. We in Zambia do not realize it. We do not have adequate Laws on CYber Crime. In some countries it is legal requirement to report cyber attacks within 72 hour to some govt entity like ZICTA. The breached company also has to inform the owners of the data that has been breached. To make matters worse there not enough professionals to protect information and information systems globally.

    I do not think there is even good cyber Security Awareness among the Zambian people. I believe there are a lot such attacks that go un reported.
    I would commend the Bank of Zambia for having come out in the Open to communicate the attack. And i only hope the other businesses including commercial banks would take this as a timely warning that Cyber criminals mean…

  13. I am currently working on a public Cyber security Awareness campaign which will be rolled out in July 2020. It will cover the following topics
    1. Phishing attacks
    2. Removable media
    3. Passwords and Authentication
    4. Physical security
    5. Mobile Device Security
    6. Working Remotely
    7. Public Wi-Fi Security
    8. Cloud Security
    9. Social Media Use
    10. Internet and Email Use
    11. Social Engineering
    12. Security at Home
    I will various companies will give me the support

  14. I was thinking of what to tell my Parent about my University grade because I failed woefully not until I search for a solution and I saw a lot of testimony posts about this Hacker Wizard Web Recovery, I contact him and I explain my problem to him and he promise to help me change my grade so after he asks me some few questions and collected my details he asks me to message him after 6 hours so I did then he told me to go and check my grade in the school portal I was amazed at what I saw and I can proudly tell my parent about my grades, you can also contact him if you need such help, his work is swift and very affordable Contact Him Through Email: [email protected] or WhatsApp: +1 (917) 725-3296?)

Comments are closed.

Read more

Local News

Discover more from Lusaka Times-Zambia's Leading Online News Site - LusakaTimes.com

Subscribe now to keep reading and get access to the full archive.

Continue reading