The Central Bank of Zambia said it refused to pay ransom to a group known as Hive that was behind a cybersecurity breach that caused minimal damage to its systems.
According to the information and communications technology director at the Bank of Zambia, Greg Nsofu, not much sensitive data has actually been shipped out and all core systems are still up and running.
The central bank had on May 13 stated that it had suffered a suspected cyberattack, which disrupted some information technology applications on May 9, including its website and bureau de change monitoring system. Its website was down for at least part of May 14 too.
Hive ransomware, first observed in June 2021, has already “made its mark as one of the most prolific and aggressive ransomware families today,” according to Trend Micro, a Tokyo-based cybersecurity company.
The software is usually used to steal data and encrypt its victim’s files, leaving a note requesting payment, according to the US Federal Bureau of Investigations. The group has targeted health-care operators in the US to Indonesia’s state-backed oil and gas company.