The Bank of Uganda (BoU) said last evening it was “waiting” for a police probe report on an alleged hacking incident a fortnight ago in which an estimated $17m (Shs62.4b) was reportedly taken out of the Treasury account. The BoU deputy director for communications, Dr Natamba Bazinzi, in response to inquiries by this publication said: “Bank of Uganda is waiting for the police report on the reported incident.”
Knowledgeable sources told the Monitor that a shadowy group of hackers calling themselves “Waste” based out of Southeast Asia had penetrated the Central Bank’s IT infrastructure firewalls and taken Shs62.4 billion. It is not clear whether the $17m is what the hackers were aiming for or it is what they found on the account.
BoU top management, sources intimated, escalated the matter to President Museveni, who in turn directed the police’s Criminal Investigations Directorate (CID) to probe the incident. The President, however, later walked back the directive to CID and directed the Uganda People’s Defence Forces’ spy agency, Defence Intelligence and Security (DIS), formerly the Chieftaincy of Military Intelligence (CMI), to take over the probe.
The DIS conducts intelligence operations, in liaison with other security apparatuses related to high-profile crimes such as armed robberies and terrorism. The hacking incident, sources further said, put the BoU top management on “tenterhooks” on how to respond but also keep the matter under wraps so as not to trigger concerns about the leadership vacuum; the absence of a substantive central bank governor for almost three years now.
The Bank, sources added, has engaged a top audit firm to conduct an information systems audit examining the extent of the plunder, and also guide management on controls. Dr Michael Atingi-Ego, who since January 2022, has been holding forte simultaneously as governor, deputy governor, and BoU chairperson, was by press time last evening expected to issue a substantive statement on the incident.
Sources briefed about the matter hinted about possible “connivance” between some BoU staff and their counterparts in the Ministry of Finance’s Treasury department and Accountant General’s office on the hack job.
The Ministry of Finance spokesperson, Mr Jim Mugunga, however, cast doubt about such a large sum of money being swiped out of the state coffers.
“I have been incapacitated for some time and I am not privy to such information, but I doubt that such a big incident would be wrapped in mystery,” Mr Mugunga said. If confirmed, the incident would bring to light the urgent need for a robust cybersecurity system for the country’s central bank.
ON HIGH ALERT
Cybersecurity
The Bank, in collaboration with Macroeconomic & Financial Management Institute of Eastern and Southern Africa (MEFMI), in May last year, conducted a workshop on cybersecurity in the financial services sector in Kampala.
MEFMI is a regionally-owned organisation specialising in providing training and capacity development programmes on macroeconomic and financial sector management. Presiding over the official opening of the event, Dr Tumubweinee Twinemanzi, the director for supervision at the Bank of Uganda, stressed the need for effective risk management processes, as well as robust and resilient systems to ensure business continuity in the unfortunate but expected event that their systems may be susceptible to cyberattacks.
The workshop aimed to raise participants’ awareness on cyber financial crimes and equip them with tools and techniques for their detection, investigation, reporting, and prevention techniques, as well as the necessary internal and external controls to mitigate them. Previously, hackers have penetrated legacy network firewalls of commercial banks and telecom companies, which transact on Internet-enabled platforms, but are yet to be upgraded with ransomware that evades detection and circumvents firewalls.
In the intrusions, the hackers have taken control over networks of telecoms or pillaged unspecified amounts of money. According to police, Uganda loses billions of shillings annually in cyber-breaches. Internationally, both state and non-state actors engage in cybercrimes, including espionage, financial theft, and other border crimes.
Additional reporting by Benson Tumusiime.