Uganda News

Money Heist: Hackers steal Ugx 47b from Bank of Uganda Accounts

New information indicates that a total sum of $13 million (Shs47.8 billion) was taken out, with $6 million (Shs22 billion) sent to an account in Japan and $7 million (Shs25.7 billion) wired to an account in London, the United Kingdom.

The Bank of Uganda (BoU) has confirmed that it is awaiting a report from law enforcement regarding a significant cyber breach reported two weeks ago, during which an estimated $17 million (Shs62.4 billion) was allegedly siphoned from the national Treasury account.

However, new information indicates that a total sum of $13 million (Shs47.8 billion) was taken out, with $6 million (Shs22 billion) sent to an account in Japan and $7 million (Shs25.7 billion) wired to an account in London, the United Kingdom. The incident is said to have happened in September. When President Museveni got wind of the matter, he directed the security agencies to probe the heist.

Dr. Natamba Bazinzi, BoU’s Deputy Director for Communications, stated in response to inquiries, “Bank of Uganda is waiting for the police report on the reported incident.”

Details of the Hacking Incident

Sources familiar with the matter revealed that the attack was orchestrated by a shadowy hacking group known as “Waste,” believed to operate out of Southeast Asia. The group reportedly breached the central bank’s IT firewalls, gaining access to the Treasury account. It remains unclear whether the hackers specifically targeted the $17 million or if this was simply the amount available at the time.

The breach, which exposed vulnerabilities in the bank’s cybersecurity measures, has caused widespread concern within BoU’s management, reportedly placing them in a precarious position. The absence of a substantive governor for nearly three years has further amplified fears of leadership instability.

Government and Security Agency Involvement

In response to the breach, BoU escalated the matter to President Museveni, who initially tasked the police’s Criminal Investigations Directorate (CID) with probing the incident. However, the President later shifted the investigation to the Uganda People’s Defence Forces’ (UPDF) Defence Intelligence and Security (DIS) unit—formerly the Chieftaincy of Military Intelligence (CMI).

DIS, known for handling high-profile cases such as terrorism and organized cybercrime, is now collaborating with other security agencies to unravel the breach.

Internal and External Investigations

In addition to the security probe, BoU has engaged a leading audit firm to conduct a comprehensive information systems audit. The review aims to determine the full extent of the intrusion, quantify potential losses, and recommend robust measures to strengthen cybersecurity protocols.

BoU sources have raised suspicions of internal collusion between certain employees and staff in the Ministry of Finance’s Treasury department and the Accountant General’s office. Despite these allegations, Ministry of Finance spokesperson Mr. Jim Mugunga expressed skepticism, suggesting it would be challenging for hackers to extract such a substantial sum undetected.

Broader Cybersecurity Concerns

The incident underscores the increasing vulnerability of Uganda’s financial systems to cyberattacks. In May 2023, BoU, in partnership with the Macroeconomic & Financial Management Institute of Eastern and Southern Africa (MEFMI), hosted a cybersecurity workshop in Kampala. The event focused on building resilience in financial systems against cyber threats.

During the workshop, Dr. Tumubweinee Twinemanzi, BoU’s Director for Supervision, highlighted the importance of robust risk management processes and systems capable of withstanding cyberattacks. The training aimed to equip participants with skills in detecting, investigating, and preventing cybercrimes, as well as instituting effective internal and external controls.

Growing Threat of Cybercrime

Cybersecurity experts note that hackers increasingly exploit vulnerabilities in legacy financial networks. In previous incidents, hackers have infiltrated systems of commercial banks and telecoms, bypassing firewalls and evading detection with advanced ransomware.

Uganda reportedly loses billions of shillings annually to cybercrime, according to police reports. Such breaches are often linked to both local and international actors, including state and non-state entities involved in espionage, financial theft, and cross-border cybercrimes.

Security Probes BoU Heist as Possible Insider Job

Investigations into the alleged theft of billions from the Bank of Uganda (BoU) have revealed that the incident may have been an insider job, contrary to initial claims of hacking. Security agencies suspect collusion between officials from BoU, the Ministry of Finance’s Treasury department, and the Accountant General’s office.

Key Findings

An independent audit sanctioned by BoU management found no breach of the bank’s network firewalls. Instead, fictitious expenditures were allegedly created, and funds totaling $13 million (Shs47.8 billion) were transferred to accounts in Japan and the UK via encrypted wire transfers.

The probe has implicated Ministry of Finance staff, with some arrested for questioning. Police investigations revealed that asymmetric file encryption and intermediary banks facilitated the transfers.

Official Responses

BoU deputy communications director, Dr. Natamba Bazinzi, stated that the bank awaits the police report on the matter. Dr. Michael Atingi-Ego, BoU’s acting Governor, is expected to issue a comprehensive statement soon.

Broader Implications

The heist underscores vulnerabilities in public financial systems and points to long-running schemes of insider fraud. Experts warn of frequent cyber-attacks on Uganda’s financial institutions, with $3 million reportedly stolen from commercial banks in the past year.

Authorities are now investigating whether earlier incidents might be connected to similar schemes of fraud and money laundering.

ADVERTISMENT

Related Articles

Leave a Reply

Back to top button