Foreign bank hackers invade Uganda

Foreign security agencies have cautioned against hackers that are all out to mastermind electronic fraud, targeting banks and other financial institutions in the country.

Top sources at the agencies said foreign hackers have invaded Uganda and other parts of Africa.

On Monday, Police spokesperson Fred Enanga said the Cyber Crime Unit-had arrested five people over impersonating ministers, Members of Parliament, senior army and Police officers.

The perpetrators have been creating fake Facebook accounts in the names of various very important persons, in order to fleece the unsuspecting public, promising them big projects and jobs in the Government.

According to Enanga, they were also getting several complaints from the public about being duped into paying money, revealing personal information, getting access to their computers and bank accounts.

A recent United Nations Security Council report also attributed the recent wave of hacking and rising cyber-attacks targeting banks and other financial institutions, to North Korea.

The UN report notes that to evade the tight financial sanctions imposed by the Security Council, North Korea uses "cyber-attacks to illegally force the transfer of funds from financial institutions."

The aim is to pressure North Korea to drop its nuclear-weapons programs. Sanctions will be lifted if North Korea cooperates. This has also prompted the US to deploy heavily in South Korea, among others. The US has 28500 troops in South Korea.

Cryptocurrency exchanges, the report adds, is the other way that North Korea uses to evade financial sanctions.

UN Security Council member states also accused North Korea of using cyberspace as an asymmetric means to carry out illicit and undercover operations to circumvent sanctions.

"Cyber-focused military units are directly tasked to generate income for the regime," the report notes, pointing at the Reconnaissance General Bureau, which supervises these cyber attacks in order to gain foreign currency despite the sanctions.

"On 28 July 2016, the National Police Agency of the Republic of Korea attributed a cyber attack against the online shopping mall, Interpark, to the Reconnaissance General Bureau, stating that the attack was an attempted criminal acquisition of the foreign currency," the UN reports adds.

Basing on the emerging trend of cyber attacks and highly organised hacking projects, the US has issued warnings to African states, especially Uganda, to devise techniques to curb hackers, who they say, have already evaded the country.

Through cyber - attacks and hacking, there was an attempt by North Korea to force the transfer of $2.7m.

In September last year, US indicted Park Jin Hyok, a hacker from North Korea, who is also a member of the North Korean-based hacking organization, the Lazarus Group, 108 for engaging in a "wide-ranging, multi-year conspiracy to conduct computer intrusions and commit wire fraud by co-conspirators working on behalf of the government of the Democratic People 's Republic of Korea".

According to the United States, Park "has travelled to China in the past and conducted legitimate IT work under the front company ‘Chosun Expo' or the Korean Expo Joint Venture in addition to activities conducted on behalf of North Korea's Reconnaissance General Bureau".

During the UN Security Council meeting to consider the matter, China stated that: "China has conducted an investigation based on the information provided by the Panel."

The UN report states that despite the strengthening of financial sanctions in 2017, their effectiveness is being systematically undermined by the deceptive practices of North Korea.

"Member States also continue to fail to take measures required by the Security Council resolutions, including the assets freeze and the expulsion of bank representatives of the Democratic People's Republic of Korea operating abroad," the report notes, stressing that there is insufficient implementation by the Member States of their obligation to freeze all assets controlled by designated entities or members of the Government of the Democratic People's Republic of Korea that is engaged in violation or evasion of any of the sanctions measures.

"In several cases investigated by the Panel, Member States closed but did not freeze account balances of individuals acting on behalf of designated entities, including the Reconnaissance General Bureau, and allowed them to transfer funds to banks in other countries," the report adds.

The UN report has also revealed that there are more than 200 potential cooperative entities and self-described joint ventures operated by North Koreans despite the requirement that the Member States should close them.

To curb the cyber attacks and hacking, the UN Security Council has recommended that financial activities of diplomatic personnel from North Korea be monitored and controlled with a mandatory freeze of such illicit funds by member states.

Police report

A recent Police annual report on crime indicates that last year, 198 cases were reported in 2018 compared to 158 cases in 2017, which resulted in a loss of sh610m.

"By the end of the year, 142 cases were still under inquiry, 16 cases were taken to court, 6 cases secured convictions, 2 cases were dismissed and 8 cases were still pending in court," Police stated in its report.

Interpol- Kampala and Police's Criminal Investigations Directorate (CID) are still probing a case in which 24 entities including ministries, banks, private firms and businesspersons have fallen victim to cyberfraud in which over sh67b was reportedly stolen in 2017.

According to the Police report seen by New Vision shows that the money, mainly in dollars, was fraudulently wired to foreign accounts mainly in China.

Other countries where the money was wired are; UK, Turkey, Japan, India, Singapore, Belgium, South Africa, Zimbabwe and neighbouring Kenya. The report revealed that the hackers targeted accounts in Kampala City only.

The Finance Ministry lost the biggest amount of money $8,274,001.28 (about sh30b), and it was sent to Hong-Kong.

The report indicates that this money was siphoned through the Bank of Uganda, and the case is referenced as BOU: AGO/83/137/2016. The case is under investigation by detectives from both the CID and Kampala Interpol-bureau.

The then CID spokesperson, Vincent Ssekate, said they have noticed an upsurge in e-mail related fraud where hackers compromise official emails before defrauding the holders of huge sums of money.

He noted that cyber scammers mainly target companies and individuals who transact business beyond borders. Sekatte has since been replaced by Charles Mansio Twine.

Global problem

A 2010 report by Global Cybersecurity Agenda showed that there were at least 280 million web attacks on individuals and organizations worldwide.

It is estimated that annual cybercrime accounts for more than US$105 billion (about sh268trillion) in online property losses worldwide every year.

The bodies included the Ministry of Public Service where sh169b of pension funds was allegedly swindled, Health Ministry and sh50b PRDP funds reportedly stolen from the Office of the Prime Minister (OPM) and billions lost from the Uganda Revenue Authority (URA), was the result of the public servants in the information technology department, who hacked into the IT system and reportedly generated ghost names and transfer payment vouchers, before the monies were cashed out.

Govt sets up Unit to fight cyber crime

Government has since set up a Computer Emergency Response Team (CERT), a specialized unit under the Uganda Communications Commission (UCC), to detect internet crime.

The unit prowls the internet to monitor and report high-tech crimes including cyber-based terrorism, computer intrusions, online sexual exploitation, and major cyber frauds. 

The UCC director for technology and licensing, Eng. Patrick Mwesigwa said the regulator had also acquired equipment to be used to monitor such crimes.

The facility will reduce the infiltration of malicious content such as malware, viruses and spam, as well as enhance the security of online access in the country.

The government hired a team of experts to trace suspected cases of abuse, with the help of the International Telecommunication Union (ITU), a specialized agency of the UN.

He explained that UCC's facility will serve as a national Centre for the country and provide guidance and training for organizations such as banks, media houses and institutions to install the equipment to fight cyber-crime.

The Malaysian based ITU that has set up cyber-crime detection and prevention centres for many governments, institutions and organizations across the World will also provide training to Ugandan officials who will man Uganda's Centre that is undergoing construction at UCC headquarters in Bugolobi.

The initiative is dedicated to enhancing the global community's capacity to prevent, defend and respond to cyber threats.