The Africa Centre for Digital Transformation (ACDT) has issued a warning to banks, savings and loan institutions, and rural banks in Ghana regarding imminent cybercrime threats. This alert comes in the wake of a worldwide software failure involving Microsoft and cybersecurity firm CrowdStrike.
The ACDT reported the emergence of a new group of cyber attackers who are exploiting the recent software issues to spread malware disguised as CrowdStrike updates. Financial institutions utilizing CrowdStrike antivirus and Microsoft Azure services are urged to exercise caution, as multiple threat actors are impersonating CrowdStrike in official-looking emails meant for data distribution.
In one notable case, attackers sent out fraudulent emails from the domain ‘crowdstrike.com.vc’, suggesting that a tool was created to restore Windows systems online specifically for banks. Additionally, a deceptive CrowdStrike Hotfix update was found to be distributing the Remcos Remote Access Trojan (RAT) through a phishing site mimicking a BBVA intranet portal, misleading banks into installing it to prevent network connectivity issues.
In light of these threats, the ACDT emphasized the need for comprehensive security strategies. It called for financial institutions to implement immediate reactive measures, including activating backup systems, ensuring clear communication with customers, and executing business continuity plans.
Moreover, the ACDT recommended that institutions participate in incident response teams, monitor system security actively, conduct post-outage analyses, and invest in enhanced IT resilience measures.
On July 19, 2024, a significant global tech outage impacted CrowdStrike and Microsoft, disrupting various sectors, including banking, aviation, and healthcare across multiple countries. CrowdStrike attributed the outage to an antivirus update that inadvertently caused widespread failures in Microsoft Windows devices.
In April 2024, Richard Okyere-Fosu, the Director-General of the National Information Technology Agency (NITA), reported that 60% of government systems in Ghana lacked adequate antivirus protection, raising security concerns. Furthermore, an assessment indicated that only about 30% of government systems were appropriately equipped with the necessary antivirus solutions.
The first half of 2023 witnessed cyber fraud activities inflicting direct financial losses amounting to $4.32 million (GH¢49.5m) in Ghana. In response, the Cyber Security Authority (CSA) of Ghana granted licenses and accreditation to 51 cybersecurity firms on July 15, 2024, aiming to bolster the country’s cybersecurity landscape.
Stay well-informed and be the very first to receive all the most recent updates directly in your email! Tap here to join now for free!
