Zambia’s central bank hit by ransomware attack
- The Bank of Zambia refused to pay the ransom to the Hive ransomware gang because its losses were small, making it a rare hardliner against ransomware in recent years;
- Some of the bank’s information technology applications were interrupted, including the SAFE monitoring system and website, and some test data may also have been leaked;
- Since its debut in June 2021, Hive ransomware has become one of the leading gangs, known for its ferocious attacks.
According to Bloomberg, the Bank of Zambia said it would not pay a ransom to the Hive ransomware gang. The Hive gang had previously attacked the bank, but the damage to the system was fairly limited.
The Bank of Zambia is the central bank of Zambia, a landlocked country in south-central Africa. Zambia joined the “Belt and Road” initiative in 2018, and the Zambia-China Economic and Trade Cooperation Zone is the first overseas economic and trade cooperation zone established by China in Africa.
Greg Nsofu, director of information and communications technology at the Bank of Zambia, said in an interview that “all of our core systems are still running, and there is not much sensitive data that was really leaked.”
At present, only some test data may actually have been leaked.
Nsofu pointed out, “We have properly protected the core system, and there is no need to even negotiate with the other party about the ransom issue. So our attitude is very clear, let them stay where they are cool.”
BleepingComputer also found that someone had insulted the Hive gang on the corresponding Hive ransom negotiation page, and many security professionals believed this may have been the Bank of Zambia’s response.
Some apps have been out of service
On May 13, the Bank of Zambia announced that it suffered a suspicious cyber attack on May 9 (last Monday), and some information technology applications were interrupted, including the monitoring system and website of the State Administration of Foreign Exchange.
The Bank of Zambia urged the financial industry to remain vigilant as such attacks may not be isolated.
On May 14, the website of the Bank of Zambia was also temporarily shut down.
Japanese cybersecurity vendor Trend Micro revealed that Hive ransomware, which was first unveiled in June 2021, has “become one of the most active and aggressive ransomware families in just one year.”
According to an FBI investigation, the software is often used to steal data and encrypt victims’ files, then leave a ransom note. The Hive gang has previously targeted U.S. healthcare operations and has also launched attacks on Indonesia’s state-owned oil and gas company.
Data breaches and attacks keep emerging one after another, reminding enterprises and organizations to take data protection seriously, to keep data security in mind at all times, and not to ignore cybersecurity. Many enterprises now use VMware Backup for data disaster recovery.