Cumulatively $30M lost to threat actors in three financial breaches

also ft the Surveillance question in Kenya

Olatunji Olaigbe

and

Noah Aderoju

Nov 30, 2024

CybAfriqué is a space for news and analysis on cyber, data, and information security on the African continent.

Hi everyone, Tunji here!

This week’s edition was written by Noah, who you’ll be hearing from more often on the newsletter front. Enjoy, and you can always send feedback to cybafrique.media@gmail.com.

ICYMI: CybAfriqué is now on social media. We encourage you to follow us via Linktree to stay connected.

— Olatunji

HIGHLIGHTS

Threat actors hit the financial sectors across the continent

This week, a threat actor known as “Waste” from Southeast Asia was reported to have breached the Ugandan Central Bank’s system and stole 62 billion shillings ($17 million) from its accounts. Similarly, another case that shows how breaches have long-term effects, N4aughtysecTU, the threat group that carried out the Transunion breach in 2022 said they had used the data collected from that breach to create 100,000 accounts and apply for false benefits from the South African Social Security Agency (SASSA), claiming to have stolen at least R175 million ($9.6 million). The frequency and complexity of cyber attacks are not only growing in Africa, the loss of hard earned money to it is getting out of hand.

Just this same week, Interpol also released details on Operation Serengati, which among many other things “cracked a case of online credit card fraud linked to losses of USD 8.6 million” in Kenya, run by a syndicate that stole funds by altering security protocols in banking systems. Earlier in April, Nigerian fintech unicorn Flutterwave was also reported to have suffered a security breach that allowed unknown persons to divert about ₦11 billion ($7 million) to several bank accounts.

The onslaught of cyber-attacks on African financial systems is at a record high, with government and financial organisations being the frontline for most of these attacks. A recent Positive Technologies Threatscape for African countries revealed that 22% of successful attacks are on financial institutions while the highest, 29% of successful attacks, are targeted at government organisations. This is mostly due to the rapid growth of the digital environment, especially in the development of finance solutions targeting unbanked citizens not adequately protected by a strong cybersecurity framework.

As shown by the Transunion breach, cybercriminals can exploit vulnerabilities over long periods of time, and the final impact of breaches is always on those whose data was stolen, not the company it was stolen from. For example, people whose stolen identities have been used to create accounts and apply for funds can no longer do so again with their own identities. African organisations and stakeholders in the continent's cyberspace need to urgently get serious with building a sufficient security framework to protect them from cyberthreats first by plugging every vulnerability leaks and improving their cyber resilience.

In Nigeria, folks are investing in cross-organizational resilience by sharing data on threat actors, networks, and common best practices. Zambia is also working with the International Telecommunication Union (ITU) to improve cybersecurity in the country through capacity development and electronic evidence management skills. These are in line with experts' advice for nations and organisations to enhance cyber resilience by identifying non-tolerable events and protecting critical assets, monitoring and responding to cyber threats with modern security tools.

Do you find this newsletter valuable? Remember to share with your network.

RE: Surveillance concerns and denial in Kenya

Privacy and safety concerns arose again in Kenya this week when a report revealed that one of the president’s cabinet member was sued for the purchase of spyware ahead of the coming general elections. This is shortly after another report had earlier revealed how Kenyan police use mobile phones to track and capture suspects of the June Protests, which we highlighted last week.

ICYMI: Digital curfews in Kenya

Despite the denial of the Kenyan government, concern for privacy and safety have continued to spike among citizens of the East African country as we see more reports of illegal government surveillance.

Rumours of active illegal surveillance of citizens have existed in Kenya for a while now. The government has allegedly exploited their access to telecom companies' data to track call data and location information, coupled with access to other security surveillance systems like CCTV footage to abduct and persecute citizens.

Like many other African countries, Kenya, despite having legal access to various repositories of citizen information through mandatory SIM card registration and other security surveillance systems, has been on different occasions linked to the purchase and use of spyware like the Israeli Pegasus Spyware and Circles for illegal surveillance of its people. The rise in the adoption of Chinese technology-powered smart city programs across Africa, Kenya inclusive, has also raised concerns because of its reputation of being weaponized by states to spy on opposing voices and civil societies.

Although Kenya is one of the African countries with a constitutional protection guarantee of citizens’ privacy through its Data Protection Act of 2019 ensuring the safe and judicious collection and processing of citizens' information collected by any entity, including the government, the fear of these collected information being used to harm the people is ever valid.

FEATURES

The Central Bank of Egypt will launch a card tokenization technology by 2025 to advance the security of digital payments. According to this report, the advanced security measure represents a crucial step in protecting the nation’s rapidly expanding digital payment ecosystem. The initiative will help secure the country’s rapidly increasing digital transaction volume which has risen from EGP 7 trillion in 2021 to over EGP 22 trillion by late 2024.
According to another report, the 2024 African Perspectives on Cyber Security Report by Check Point Software Technologies, in Nigeria alone an average of 3,759 cyber-attacks are experienced by organizations weekly, a huge number compared to the 1876 global weekly average.