Sources have revealed to The Alkamba Times (TAT) that hackers got into the digital systems at the Central Bank of The Gambia and are demanding US$2.5 million as payment for the two terabytes of sensitive data stolen from the Bank.
“At least four digital folders connected to one of the CBG servers have been subjected to hacking.”
Sources told TAT the hacking happened on Saturday, 12th November 2022, prompting the CBG management to call for an emergency meeting.
The data accessed by the hackers include the personal finances of Gambians; data on the national economy; customer and partner databases; data on the turnover of financial transactions with the U.S. and other countries; data relating to the distribution of securities and data on the liquidity and other information on the nation’s commercial banks, among others.
According to our sources, the U.S. Federal Reserve Bank Intelligence Unit got involved; it blocked access to the CBG accounts and has offered to help unmask the alleged hackers.
Our source added that the U.S. Fed’s offer had unnerved senior Bank officials.
“This could be a scam designed by some senior CBG officials and the I.T. Department to defraud the Bank,” a local cybersecurity Analyst told TAT.
The Bank I.T. Department, our source said, “recently requested more than D40 million to procure I.T. materials, and the request was turned down due to inflated pricing of the materials”.
Our source also asserted: “The alleged hacking was a ploy to recover the loss endured from turning down the I.T.’s Department’s request. The head of the department and senior managers of the Bank failed to disclose anything regarding the mode and circumstances of the hacking but were only interested in finding a solution.
“They (head of I.T. and senior managers) are not talking about who is responsible for the hacking and their motives or identities, but about how to solve the problem. They are only talking about the solution so that they can withdraw millions from the Bank on the pretext that they will pay I.T. experts to fix a problem that is yet to be fully established.”
TAT is aware that the Bank has more than 15 experienced and well-trained I.T. officials able to handle the alleged hackings or cyber security attacks.
Yet, “some senior officials want to award a contract to an I.T. company to the tune of D50 million so as to get kickbacks,” claimed our source.
TAT also understands that one of the local I.T. firms, which the Bank contracted to secure its digital space, had advised the Central Bank authorities to upgrade the digital system to prevent attacks by cybercriminals.
We further learned from our investigations that “the Bank’s digital system was not upgraded for almost 12 years since it was installed. It should be upgraded every six years, according to experts. This loophole allowed hackers to steal sensitive materials”.
Some cyber security experts say most senior government officials are using open-source communications platforms like Yahoo, Gmail, and Hotmail accounts to communicate official messages and that this is exposing them to the risk of cyber-attacks.
Meanwhile, as regards last weekend’s hacker’s attack on the CBG, the latest information TAT received is that “the Bank’s I.T. Department has been working to find a solution to the problem; the I.T. Manager has confirmed to the management that all the servers are working fine, and the hackers have not been able to access the treasury, foreign exchange, or any sensitive files”.
The Central Bank, in a statement, says the Bank experienced a hacking incident on Thursday, 10th November 2022.
“The Bank acted promptly to secure its systems and began an investigation to determine the incident’s nature, source, and extent.Fortunately, none of the mission-critical systems were compromised, and normal operations have continued unabated. However, preliminary investigations showed that one server was affected, promptly isolated from the Bank’s network, and a recovery process set in motion.”
“The authorities are keeping the matter under close monitoring and the public is at this moment reassured that the Bank is fully operational and will continue to ensure the stability of the national payment systems. There is, therefore, no need for panic.
The Gambia Government continues its unwavering commitment to safeguarding critical infrastructure and assets of the state like the Bank.
Significantly, The Gambia is among many countries worldwide and the sub-region affected by cyber-attacks by vicious cyber criminals bent on blackmailing governments into paying ransoms.”