The Africa Centre for Digital Transformation (ACDT) has issued a warning to banks in Ghana about potential cybercrime threats following a global software failure.
The incident, which occurred on July 19, 2024, involved a defective update from cyber-security firm CrowdStrike, affecting millions of Microsoft Windows devices worldwide.
The software glitch, which lasted for 78 minutes, disrupted various sectors including banking, aviation, and healthcare. Microsoft confirmed that the faulty update impacted 8.5 million Windows devices, leading to widespread system failures. Despite CrowdStrike's rapid response to rectify the issue, the damage was extensive, causing numerous flight cancellations and operational disruptions at banks.
In light of these events, the ACDT in a statement issued today cautioned financial institutions in Ghana about a fake CrowdStrike update being promoted through a phishing site (portalintranetgrupobbva[.]com).
This fraudulent update installs the Remcos Remote Access Trojan (RAT), posing significant security risks. The phishing site masquerades as a BBVA intranet portal, misleading banks into downloading malicious software that can compromise their systems.
Additionally, the ACDT's Cyber Security unit has identified a new group of cyber attackers distributing a data-wiping malware under the guise of a CrowdStrike update. This malware overwrites files with zero bytes, rendering systems inoperable and reporting the damage back to the attackers.
The ACDT urges banks, savings and loans institutions, and rural banks in Ghana to be vigilant, especially those using CrowdStrike and Microsoft Azure antivirus solutions. Threat actors are impersonating CrowdStrike by sending emails from the domain ‘crowdstrike.com.vc’, claiming to offer a tool to restore Windows systems.
To mitigate these risks, the ACDT recommends several proactive measures:
- Activate Backup Systems and Redundancies: Switch to backup servers and data centres if primary systems are affected.
- Implement Business Continuity Plans (BCP): Ensure all employees understand their roles during IT outages.
- Enhance Communication: Maintain clear communication with customers regarding outages and resolutions.
- Engage Incident Response Teams: Deploy dedicated teams to address and resolve the outage.
- Monitor Systems and Security: Continuously check IT systems for anomalies or threats.
- Conduct Post-Outage Analysis: Perform thorough analysis and reporting of the outage's cause and impact.
- Customer Support and Assurance: Provide additional support to reassure customers about data security.
- Review and Update Contingency Plans: Regularly update contingency plans based on lessons learned.
- Collaborate with Industry Partners: Share information and best practices within the industry.
- Invest in IT Resilience: Enhance IT resilience through robust disaster recovery solutions and diversified cloud services.
The statement said by taking these steps, banks in Ghana can safeguard their operations, maintain customer trust, and bolster their preparedness for future incidents.
Latest Stories
-
Ghana Premier League is getting more interesting – Otto Addo
4 mins -
EC should audit voter’s register to clear bloated roll allegations – Kofi Abotsi advises
10 mins -
EC must be transparent and truthful to conduct peaceful election – Torgbiga Mawufeame Fugah
10 mins -
Ghana Energy Awards announces shortlisted nominees for the 8th edition
17 mins -
Apathy in Ashanti Region only exists in isolated cases – Manhyia South PC
29 mins -
TECNO AI Vision unveiled at IFA Berlin 2024
35 mins -
Akosombo Dam spillage reveals systematic failures in disaster readiness – Research
50 mins -
Akwasi Agyeman outlines benefits of NPP’s Travel Protocol Service
51 mins -
CICMG urges government to introduce LI to regulate credit market
57 mins -
NDC won’t have a sweet victory without Hohoe seat – Ablakwa
59 mins -
No Ghanaian should drink contaminated water – Engineer
1 hour -
Ghana’s biggest lender is not who you think
1 hour -
Calls for ban on small-scale mining unfair – Small-Scale Miners Association
1 hour -
Akufo-Addo’s anti-galamsey committee won’t succeed – GNAT
1 hour -
Don’t ban small-scale mining – Association to government
1 hour