At least eight million cyberspace attackers have attempted to hack into Rwanda’s financial institutions in 2017 and, in several occasions managed to enter into one of the systems, but stolen money was always tracked and recovered.
Central Bank Governor John Rwangombwa said the bank registered 80 hacking cases. One case of money recovered was successfully done with the help of some Rwandans in one of the institutions in which Rwf900million was stolen.
“The money was transferred to one of the banks, but we were able to recover the funds in time, with the help of police,” Rwangombwa said during a consultative meeting on Cyber and Financial Crimes held under theme: ‘Cyber Crime as an Emerging Threat: Status and Strategies’.
In 2016, Police says that Rwanda managed to intercept attempts to steal Rwf1billion and €340 while in 2017 the cyber thieves attempted to walk away with Rwf2billion and $ 605,028 in vain.
While both the bankers, police and the central bank agree that cybercrimes are a new phenomenon in the country, Rwanda has made a commitment to beefing up IT equipment in banks, training staff in hacking loophole and attempts and sensitize citizens- with the latter being a priority this year and due to start soon.
The central bank says that this because the existing cases (Virtually every form of crime – from intellectual property theft to terrorism, to mobile banking services) remain a threat to the national economy and development.
“Criminals are constantly developing new techniques for cybercrime, we need to keep a constant review on activities carried out in banks,” Rwangombwa said.
Last year, hackers known as ‘Anonymous’ managed to enter the security of a one company Broadband Systems Corporation (BSC) — a private firm that provides the government with video conferencing technology — and dumped its private data to the public.
Despite a lack of experts to tackle sophisticated cybercrimes in Africa, Police Inspector General of Police (IGP) Emmanuel Gasana also said that cybercrimes remain a global threat but several cyber control measures have been put in place and institutions have created synergies in countering cybercrimes.
For example, Rwanda police have set up a cybercrime department while the Ministry of Defense has earmarked female soldiers to take a lead role in fighting cybercrime as the government contemplates enforcing the cybersecurity department, dubbed “Cyber Battalion.”
Cybercrime ranks as this year’s second most reported economic crime and is steadily growing in Africa, according to PricewaterhouseCoopers.
Also last year Rwanda became the second country in the region after Kenya to launch a $3 million cybersecurity system aimed at protecting public and private institutions against online crimes, after adopting its maiden national cybersecurity policy in 2015.
Some employees ignore IT security practices which the central bank says can exposes companies to risks of attacks.
Bankers like Ignace Musangamfura, the General Manager of Goshen Finance says that there is negligence among other risks identified by industry players are lack of fundamental security practices.
“The risks are high and unusual to us (bankers). Now see the need to invest in training staff and purchase of security equipment to mitigate these attempts which are not foreseen,” Musangamfura said.
According to Cisco Annual Cybersecurity Report 2017, the majority of organizations spend less than $5,000 annually on cybersecurity products while some have no budget and do not train their staff in cybersecurity.
East Africa’s financial institutions with Kenya losing $171 million to cybercriminals, Tanzania $85 million and Ugandan companies $35 million in the year 2016, and in general African countries lost at least $2 billion in cyber-attacks in 2016 according to IT security firm Serianu report last year.
However, Rwanda is seeking $1.5 million for the construction of a cyber-security centre that will coordinate investigations in eastern Africa against cybercrimes and cyber-enabled crimes such as terrorism, trafficking and money laundering