Cyber Heist: Hackers Steal $17 Million from Uganda’s Central Bank
The Bank of Uganda has found itself at the center of a major cyber heist, with hackers infiltrating its IT systems and stealing 62 billion Ugandan shillings (approximately $16.8 million). This audacious attack has sparked a nationwide investigation and shone a light on the growing vulnerability of financial institutions in Uganda.
The Background of the Cyber Attack
On November 28, Uganda’s finance ministry confirmed the cyber breach, marking one of the most significant security incidents in the country’s financial history. Hackers reportedly transferred millions from central bank accounts to foreign destinations, including Japan and the United Kingdom. Initial reports suggested that insiders at the central bank and the Ministry of Finance may have facilitated the theft.
The group behind the attack, identified as “Waste,” is believed to operate from Southeast Asia. Investigators suspect that the stolen funds were laundered through international accounts, some of which have been frozen following swift action by cybersecurity teams and law enforcement agencies.
How the Hack Unfolded
It is true our accounts were hacked into, but not to the extent reported. An audit and investigation are near completion,”, Henry Musasizi
According to State Minister for finance Henry Musasizi, the breach occurred in September, compromising the bank’s accounts. Musasizi revealed the incident during a parliamentary session, noting that ongoing investigations by the Criminal Investigations Department (CID) and the Auditor General aim to uncover the full extent of the theft. “It is true our accounts were hacked into, but not to the extent reported. An audit and investigation are near completion,” Musasizi stated.
How the Hack Unfolded
The Bank of Uganda has reportedly recovered over half of the stolen funds. Cybersecurity teams, in collaboration with the National Information Technology Authority (NITA-U), traced some of the stolen money and successfully froze foreign accounts before withdrawals could be completed. Of the $16.8 million stolen, $11 million remains frozen in overseas accounts, pending further retrieval efforts.
A source involved in the investigation explained, “With the help of international counterparts, accounts in Japan and the UK were frozen, preventing further losses. Our current task is to trace and recover the remaining funds.”
Ongoing Investigations and Arrests
The probe, led by a joint team comprising Uganda’s Defence Intelligence, CID, and the Chieftaincy of Military Intelligence (CMI), has so far interrogated 17 suspects. Nine of these individuals are employees of the central bank, while six are from the Ministry of Finance, and two work at the accountant general’s office. Several suspects remain under surveillance, with their electronic devices confiscated as part of the investigation.
Currently, five suspects are in custody at a secure facility in Kampala. Security agencies have also convened a Joint Operations Committee (JOC) to oversee the investigation and provide updates directly to President Yoweri Museveni.
President Museveni’s Response
President Museveni has demanded a comprehensive investigation into the incident. This directive comes as part of a broader push to strengthen Uganda’s cybersecurity framework and protect critical financial institutions from future threats. Security experts have warned that Uganda’s banking sector faces increasing risks from cyberattacks, with financial institutions often reluctant to disclose breaches for fear of eroding customer confidence.
The Bigger Picture: Rising Cyber Threats in Uganda
This high-profile breach is not an isolated case. Cyber thefts targeting banks and telecom firms have become alarmingly frequent in Uganda. Industry insiders cite inadequate cybersecurity infrastructure and insider collusion as significant vulnerabilities. Despite the growing threat, many banks avoid publicizing such incidents, fearing reputational damage and loss of customer trust.
The Road Ahead: Bolstering Cybersecurity
The Bank of Uganda heist underscores the urgent need for robust cybersecurity measures across Uganda’s financial ecosystem. Experts recommend the following steps to prevent future breaches:
- Strengthening IT Systems: Regular audits and updates of IT infrastructure to address vulnerabilities.
- Enhanced Staff Training: Educating employees on cybersecurity best practices to prevent insider threats.
- International Collaboration: Partnering with global cybersecurity firms to tackle sophisticated hacking groups.
- Legislative Measures: Enacting stronger cybercrime laws to deter hackers and prosecute offenders effectively.
Conclusion: A Wake-Up Call for Financial Institutions
The Bank of Uganda cyber heist serves as a stark reminder of the evolving nature of cybercrime. As the investigation continues, Uganda must prioritize cybersecurity investments to protect its financial systems and rebuild public trust. With global cooperation and internal reforms, the country can strengthen its defenses against future attacks.
This incident should act as a catalyst for all financial institutions in Uganda to embrace a proactive approach to cybersecurity, ensuring that such breaches become a thing of the past.
