Ursula Owusu Ekuful
Abdulla Sulemana is a forensic expert working in a reputable company in Accra. One Saturday morning, he received a mobile phone call for a man who identified himself as Kwame Adu Asare, calling from Accra.
According to the caller, he was doing some registration online and had mistakenly put Abdulla’s mobile number on what he was registering. He claims his mobile number is similar to Abdulla’s number and that the password of what he was registering has been sent to Abdulla’s phone.
(2ndR – L), Godwin Tamakloe, Eric Kwaku Mensah, ACP/Dr. Herbert G. Yankson and Kwame Agyapong Oppong.
Asare was appealing to Abdulla to give him the reset code that was sent to his phone so that he could finish his registration. At that point Abdulla checked his phone and discovered that a code number 6310 had been sent to his phone.
Abdulla had wanted to send the number to the caller but upon a second thought, he called the said Adu Asare to use his mobile phone number, which he claims is similar to his number, to call him for the reset code.
Interestingly, the caller told Abdulla that he had no credit on that mobile number to make the call. Abdulla says, he also declined to resent the code to the caller until midday when he went online to find out more, and that was when he discovered that the caller was a fraudster and account hacker who was trying to reset his Mobile Banking App Pin.
“You can imagine, if I had given him the code which was sent to my phone, he would have used it to reset my Mobile bank app account and taken my money.”
Abdulla Sulemana then urged all to be vigilant since fraudsters were constantly devising new strategies to get their targets swindled.
Dr Albert Antwi Boasiako, national cyber security advisor.
Background
The outbreak of Covid-19, has compelled millions of people across the world to work from home, shop online, study from home and used mobile device for various activities.
Several persons have also shifted their banking and purchases activities to online channels since the outbreak of Covid-19 in order to stay at home and order goods.
Majority of workers are now working from home instead of office full time during this pandemic.
As a result, a new wave of cyber threats has also emerged targeting individuals, mobile money transactions, banks, e-commerce among others.
The drastic changes in e-commerce and mobile banking, created an entirely new target set for malicious actors to exploit weaknesses in remote corporate networks, merchant e-commerce sites and financial institutions dealing with massive increases in mobile banking transactions.
Director in Charge of the Cyber Crime Unit of Criminal Investigation Department (CID) of the Ghana Police Service, ACP Dr Gustav Herbert Yankson, has testified to the media that cyber attacks on individuals and organizations including banks have increased within this period as a result of the pandemic.
“At an alarming rate, transnational organized crime groups are leveraging specialist providers of cybercrime tools and services to conduct a wide range of crimes against financial institutions, including ransomware campaigns, distributed denial of service attacks, business email compromise scams and access mining,” he stated.
He stressed the need for collaboration between the telecommunication networks and government agencies to help check and monitor the activities of the suspected fraudsters.
He pointed that the digital address system facilitated the tracking of cybercriminals adding that it has helped the public report the activities of mobile money fraudsters with ease.
Lately several banks have been a target of internet scammers.
West African banks had been hit by multiple hacking waves according to a report published by US cyber-security giant Symantec. Banks and financial institutions in West Africa were hit by four different hacking campaigns last year.
Organizations in Cameroon, Congo (DR), Equatorial Guinea, Ghana, and the Ivory Coast have been hit, Symantec said.
According to Symantec, the attacks, which have not yet been attributed to any hacking group, in particular, have used low-end malware strains and applications natively found on Windows systems.
The malware used in these attacks is the kind you find shared for free online, or anyone can buy via dedicated websites or from hacking forums.
The list includes Cobalt Strike (a pen-testing framework repurposed as a modular backdoor), Mimikatz (a pen-testing tool repurposed as a password stealer), and the NanoCore, Imminent Monitor, and Remote Manipulator System, all three being remote access trojans (RATs).
On top of these, Symantec says that hackers also used local tools such as PowerShell (a native Windows scripting utility), PsExec (a Microsoft Sysinternals tool used for executing processes on networked systems), and Windows RDP (a native Windows utility for connecting to remote Windows systems via a desktop-like interface).
Attackers also deployed UltraVNC, an open-source remote administration tool that some companies’ system administrators install so they can connect and manage remote systems, a-la TeamViewer, PsExec, or RDP.
Other Victims Of Cyber Fraud
Regional Minister for the newly created North East Region, Solomon Namliit Boar, has expressed worry over the frequent use of his identity by cybercriminals to defraud unsuspecting Ghanaians on various social media platforms.
“I have on a number of times fallen victim to cybercrime and in the last six months, people have been scammed through the use of fake social media account that bears my name and pictures”.
Mr. Boar expressed this concern about the increasing rate at which fraudsters always device strategies to defraud their victims.
Speaking at Regional Cyber Security Sensitisation Programme organized by the National Cyber Security Centre (NCSC) in Nelerigu, the North East Regional capital, he said the education was timely since many individuals have limited knowledge of cyber security issues.
An Assessment conducted by International Criminal Police Organization (INTERPOL) has also revealed that major corporations, movement and critical infrastructure have become major targets for cyber criminals since the outbreak of the coronavirus pandemic.
The National Security Advisor, Dr Albert Antwi-Boasiako said the Cybercrime/Cyber security Incident Reporting Points of Contact (PoC) has saved over 5000 Ghanaians from being defrauded between January to August 2020.
He said many of the potential victims during the period stated, called the centre to seek guidance and advisory on resolving potential cyber security incidents including those who were nearly defrauded by cyber fraudsters as well as criminals exploiting COVID-19 related themes to target unsuspecting citizens.
Adding, he said “Cyber Fraud, Publication of Non-Consensual Intimate Images, Misinformation, Phishing attacks, Online Impersonation and Identity Theft, Child Online Abuse, Distributed Denial of Service (DDoS) attacks and Ransomware attacks are among the top ten cyber security incidents recorded by Ghana.”
All these information, he hinted, was compiled through reports received by the National Cyber Security Centre through the Cybercrime/Cybersecurity Incident Reporting Points of Contact (PoC) and reports received from Sectoral Computer Emergency Response Teams (CERTs) and institutions including the Criminal Investigation Department.
Ghana Loses $136,000 In Two Years To Cyber Criminals
Ghana lost a total of $136,000 to activities of fraudsters in 2018 and 2019. Kwame Agyapong Oppong, an official of the Central Bank said about $93,000 was lost to cybercriminals in 2018 and $43,000 in 2019 in the mobile money sector.
He urged the National Cyber Security Centre NCSC management to speed up the creation of awareness and public education to help check the activities of fraudsters in the mobile money sector.
The Deputy Minister of Communications, George Andah said the presence of cybercriminals online put critical infrastructures at risk since their Confidentiality, Integrity and Availability (CIA) risk are being compromised and consequently deprive people of critical services.
“Many high-ranking Government officials have also been the target for impersonation and identity theft cases. This means that Government in collaboration with key stakeholders, need to strengthen existing protocols to ensure intensified resilience of various ICT systems used by the public and institutions of the various sectors of the economy.”
Adding that, despite these discouraging revelations, he believes digitalization has proven to be the best option for business continuity, normalization, access to educational facilities and materials, and critical operations among other endeavors.”
Education On Cyber Security Issues
An officer of the National Cyber Security Centre, Aaron Felix Opoku, has confirmed that cyber security culture among the public remains the biggest stumbling block.
He said, “although many Ghanaians are adopting the use of digital platforms for business transactions, few have taken the pain to educate themselves on cybercrime and cybersecurity issues”
Delivering a presentation on cyber security recently, Mr Opoku said findings of the Cyber security Maturity Model conducted by the Ministry of Communications indicate that cyber -security and society which deals with cyber-security mind-set, trust and confidence on the internet, user understanding of personal information protection online, reporting mechanisms and media and social media are the biggest challenge facing the country.
MTN, Other Telcos Commitments
A representative of MTN Ghana, Godwin Tamakloe, has said MTN Ghana has invested about $2.5 billion to build a system that can protect customers in the mobile money sector and make fraud costly for the criminals.
According to him, suspected criminals who use their phones to defraud their victims risk having their mobile phones and SIM cards blocked to deter potential perpetrators.
He also refuted claims that insiders in the telecoms networks leak confidential information of clients to the fraudsters.
“MTN respects and protects data and privacy of its clients; hence disgruntled staff of the agency are been deactivated from the systems of the company immediately,” Mr Tamakloe said.
To tackle the challenges of fraud in the financial sector and create public awareness, a representative of Financial Intelligence Centre (FIC), Kofi Boakye, also stated that his organization has secured a new online reporting and communications portal.
Mr. Boakye disclosed that FIC receives financial disclosures of, suspicious transactions report, cash threshold report, electronic fund transfer reports about the threshold, including full account disclosure report on request , politically exposed persons report among others.
Government’s Efforts
Deputy Communications Minister, George Andah says the communications sector among others, have been working tirelessly to shoulder the huge responsibility of ensuring seamless interactions within the digital ecosystem.
“In order to make room for these surges, the Government of Ghana, through the Ministry of Communications, granted extra spectrum to some mobile network operators to ease the pressure by the public on data bandwidth.”
The Minister of Communications, Ursula Owusu-Ekuful, has also confirmed that Government websites have been subject to cyber-attacks including website defacements, Denial of Service (DoS) and Distributed Denial of Service (DDoS), among others. Data leakage, through hacking of computers and databases, has also been reported. And most surprising is how some public sector officials have also taken advantage of their privileged access to government data to leak sensitive information to achieve their malicious personal gains.
“As we continue to digitalize, we need to take our cyber security seriously. It is on this note that the Ministry has established the National Cyber Security Centre (NCSC) to coordinate cybersecurity incidents both in government and with the private sector.”
She says, NCSC through the National Computer Emergency Response Team (CERT-GH) has been leading national incident response measures in collaboration with key sectoral CERT’s including NITA-CERT, NCA-CERT and a similar facility at the Bank of Ghana which handles cybersecurity issues emanating from the financial sector.
These strides, she revealed speak to the efforts being made by Government to sanitize Ghana’s digital space.
“It is in continuation of the said efforts especially on Government networks, that the Government has established the National Information Technology Agency Security Operations Centre (NITA-SOC) which will be responsible for establishing protocols and procedures for routine and emergency scenarios for coordination of cyber incidents and cybercrime handling for MDAs.”
Mrs Owusu-Ekuful, who is also the Member of Parliament for Ablekuma West in Accra, says NITA-SOC, will work with the National CERT and the IT teams of the MDAs to ensure that all activities undertaken by MDAs within the digital ecosystem is secured and safeguarded to ensure effective delivery of services by MDAs.
“The NITA-SOC will also serve as a threat monitoring infrastructure to identify threats that seek to plague the systems used by MDAs while preventing, detecting, analyzing, and responding to cybersecurity incidents.”
By Linda Tenyah-Ayettey
(lindatenyah@gmail.com)