The Central Bank of Zambia has said it has refused to pay a ransom to a group known as Hive, which was behind the cybersecurity breach that caused minimal damage to its systems.
“All of our core systems are still working and working,” Greg Nsofu, director of information and communication technology at the Bank of Zambia, told reporters in Lusaka, the capital. “In fact, not much confidential data was sent.”
He said only some of the test data were leaks. “Knowing we had protected our core systems, we didn’t even have to participate in the ransom talk,” Nsofu said. “So we almost told them where to go.”
The central bank said on May 13 that it had suffered an alleged cyberattack that disrupted some information technology programs on May 9, including its website and change monitoring system. His website also didn’t work for at least part of May 14th.
Hive ransomware, first spotted in June 2021, has already “killed the mark as one of the most prolific and aggressive families of ransomware programs today,” according to Trend Micro, a Tokyo-based cybersecurity company. The software is commonly used to steal data and encrypt its victim’s files, leaving a note asking for payment, according to the U.S. Federal Bureau of Investigation. The group targeted U.S. healthcare operators to Indonesia’s state-owned oil and gas company.