Bank software hacked: GH¢46 million stolen – Cyber Security

Cyber Security in Ghana

Bank software hacked: GH¢46 million stolen – Cyber Security

Six persons have been arrested in connection with the hacking of a universal bank in Accra, which led to the illegal transfer of GH¢46 million into accounts of eight persons in different banks.
The Cyber Crime Unit of the Criminal Investigations Department (CID) of the Ghana Police Service arrested a former banker and owner of Adom Sika Savings and Loans Limited, Sam Acquah, and a web developer, James Taylor, believed to be the masterminds of the cyber crime.

The others — Hudu Abdul Mumuni, Emmanuel Adams, Moro Issah and Agbenu Febous Chrissy — were picked up when they showed up at various banks to withdraw the money transferred into their accounts through the illegal wire transaction.

Two other suspects said to be part of the syndicate, who have been identified only as Boateng Mends and Pussy Cat, are on the run.

Modus operandi

The cyber hackers allegedly logged into the banking software of the bank remotely and used the login credentials of some members of staff of the bank, some of whom were on leave, to effect the illegal transfers.

Briefing the Daily Graphic, the Director of the Cyber Crime Unit of the CID, Assistant Commissioner of Police (ACP) Dr Gustav Herbert Yankson, said on July 2, this year, the unit received a complaint about the fraudulent wire transfer and immediately alerted the banks where the money had been transferred to prevent withdrawals.

“We moved in and blocked the accounts into which the fraudulent wire transfers were made. This prevented the bank whose banking software was hacked from losing the money,” he explained.

The management of the bank, on detecting the fraud, also disabled the SWIFT server immediately to prevent further transfers, after which the banks involved were alerted to prevent withdrawals.

He said investigations launched into the incident showed that 13 fake SWIFT transactions were fraudulently made, with the money transferred to the bank accounts of eight individuals in different banks between 1 a.m. and 10 a.m. on July 2, this year.

ACP Dr Yankson said four men showed up at different banks to withdraw the amount that had been wired into their accounts illegally.

He said Mumuni was arrested at a bank at Ridge, while Adams was arrested at the Madina branch of another bank, with Issah and Chrissy getting arrested at a bank branch at Dansoman, all in Accra.

Later, the police, through their investigations, arrested Acquah and Taylor.

He said the Cyber Crime Unit had since taken the server log-in details, which were being analysed as part of investigations, while devices retrieved from the suspects were being taken through forensic examination.

He said efforts were underway to arrest the two suspected members of the syndicate, and that those arrested were being prepared for court.

Attacks on banks

ACP Dr Yankson noted that in the last four months, the unit had received complaints of similar attacks against a number of banks in the country.

The incidence of attacks, he said, was usually on automated teller machine (ATM) networks, saying investigations had revealed that most of them occurred with the help of insiders (bankers).

He, therefore, advised banks to comply with the Bank of Ghana’s (BoG’s) cyber and information security directive and urged the central bank to strictly enforce the directive to forestall such attacks.

BoG directive

The BoG Cyber and Information Security Directive provides a framework for establishing cyber and information security protocols and procedures for routine and emergency scenarios, inter- and intra-company communication and cooperation and coordination with government authorities.

It also covers the establishment of reporting mechanisms, physical security measures and assurance of data and network security.

In line with the directive, banks are to place special emphasis on cyber and information security and take all the necessary steps to protect and manage their systems and data effectively, as well as expand and enhance their cyber and information security capabilities.

The directive, which applies to all regulated financial institutions and any other entities regulated by the BoG and its affiliates, came into effect in January last year.

Remain calm

ACP Dr Yankson called on banks to enhance the security of their ATMs and also install closed circuit television (CCTV) cameras around ATMs to monitor the activities of customers and bank staff.

Contact CORENET for consultation on Cyber Security measures