The Central Bank of Lesotho, a small enclave surrounded by South Africa with a population of just over 2 million, is facing serious disruptions to its systems due to a cyber attack discovered early last week. The bank released several statements confirming that an incident.
“The Central Bank of Lesotho informs the public that on Monday, 11 December 2023, it experienced a cyber security incident within its systems. The bank has investigated the matter and is working 24 hours a day to restore systems,” the bank said on Tuesday the 12th.
“The bank wishes to assure the public that it has not suffered any financial or other loss. However, the bank suspended some of its systems to prevent further infiltration by attackers. Consequently, some payments may be delayed while the bank works to return systems to normal,” the statement added.
The institution released another statement on Wednesday, 13th, together with the Lesotho Bankers Association, notifying that the continued period of inactivity of the National Payment System “has made it impossible for all local banks to honor interbank transactions in the country”.
Technical teams are working to resolve the issue, the bankers’ association and the central bank said, but authorities “have agreed to institute business continuity processes and measures as alternative ways to facilitate payments and transactions between all banks.” The statement did not specify what these alternatives were.
Local media reported that because the country’s currency — the Loti — is pegged to the South African rand, there were concerns that the incident could affect the exchange rate. South Africa has been at the center of two headline-grabbing cybersecurity incidents this year. In June, the state-owned Development Bank of Southern Africa confirmed it had been hit by ransomware.
The country’s Defense Department was attacked by another ransomware gang in September and nearly caused an international incident because it occurred during an already controversial BRICS Summit in Johannesburg. The gang leaked the South African president’s phone number and email , along with a portion of the 1.6 terabytes (TB) of data stolen from the country’s defense systems. The government initially denied the attack before admitting that a breach had occurred.
Financial ransomware groups are considered the most dangerous and typically carry out attacks on smaller institutions, generally in small countries like Lesotho, in preparation for larger and more profitable operations
Source: CisoAdvisor
