CBN Asks Banks to Report Cyber Crimes

Meanwhile, following a recent report that North Korean hacking operations were growing and getting bolder and increasingly targeting financial institutions in Nigeria and 17 other countries, the central bank has advised financial institutions under its regulation to always report incidents of cybercrime to the CBN.

The CBN Director, Banking and Payment Systems Department, Mr. Dipo Fatokun, who said this while responding to questions about the report from Russian cyber security firm, Kaspersky, in a phone interview with THISDAY on Sunday said sharing of information about cybercrime would help in developing better defence against such crimes.
According to him, no Nigerian bank has reported any case of hacking to the CBN.
Fatokun explained: “From the reports we have read, no Nigerian bank has reported to have been hacked. One thing about hacking is that if a bank is hacked, it could disrupt its services to customers, depending on the type of hacking that was done. If it was denial of services, definitely the customers’ services would have been disrupted.
“Sometimes, it is such disruptions that even alert the banks that something is wrong with their system. But we have not heard any and no bank has reported that its system was hacked.”

Fatokun said the central bank has continued to sensitise banks and other stakeholders on the dangers of ransomware, a computer malware that hackers use to hold their victim’s data hostage.
He explained further: “You know ransomware is electronic kidnapping. Just like physical kidnapping where the law enforcement agencies would always advise against paying ransom because if you pay it may never end, what we did was to tell the banks that instead of paying ransom which may not end, they should have good back up arrangements.
“So that if your system is kidnapped or held hostage so that you cannot use it, you fall back on the backup server so that you continue with your operations. Of course, if somebody is holding you hostage and noticed that your operation is still continuing, it means he has not achieved his aim and will be forced to leave you.”
According to a news report by the Cable News Network (CNN), two international security experts believe that the stolen money from cyber hacking were likely being spent advancing North Korea’s development of nuclear weapons. Banks and security researchers have previously identified four similar cyber-heists attempted on financial institutions in Bangladesh, Ecuador, the Philippines and Vietnam.

But researchers at Kaspersky now say the same hacking operation known as “Lazarus” also attacked financial institutions in Costa Rica, Ethiopia, Gabon, India, Indonesia, Iraq, Kenya, Malaysia, Nigeria, Poland, Taiwan, Thailand and Uruguay.

The hackers can be traced back to North Korea, according to Kaspersky researchers.

Source: Thisday