Nigeria’s Computer Emergency Response Team (ngCERT) has
warned financial institutions to strengthen their cyber defences following a
wave of automated teller machine-related attacks targeting banks across Africa.
In an advisory dated June 25, ngCERT classified the threat
as “high risk” and warned that the attacks could cause severe financial and
operational damage if unchecked.
NgCERT is a federal government body responsible for managing
risks of cyber threats in Nigeria’s cyberspace and operates under the office of
the national security adviser (ONSA).
In the advisory, the agency cited a recent attack on United
Bank for Africa (UBA) in Senegal, where fraudsters withdrew more than $2
million through 3,421 ATM transactions.
The response team said the attackers gained privileged
access to the bank’s card authorisation infrastructure, enabling them to
manipulate transaction controls and execute coordinated cash withdrawals.
“This methodology poses a significant threat to financial
institutions operating similar ATM and card systems across the region,” the
advisory notice reads.
The agency said recent incidents show that threat actors
compromise bank networks through phishing campaigns, supply-chain weaknesses or
insider access before deploying malware and escalating their privileges.
“Once inside, attackers conduct internal reconnaissance to
map critical systems involved in ATM transaction processing, card management
and authorization services,” ngCERT said.
The agency said the attackers also manipulate withdrawal
limits, transaction velocity controls, fraud monitoring thresholds and card
parameters while creating or altering payment card records.
“These changes enable a coordinated cash-out operation
involving a distributed network of operatives who simultaneously executed
high-volume ATM withdrawals across multiple geographic locations,” the advisory
said.
NgCERT warned that successful exploitation of the attacks
could have far-reaching consequences for financial institutions.
They said successful exploitation of cyber-enabled ATM
cash-out attacks may lead to massive financial losses through rapid draining of
ATM cash reserves, compromise of core banking systems and customer account
manipulation.
Such attacks, the organisation said, could also trigger
reputational damage, regulatory penalties, disruption of financial services and
broader network compromise leading to data breaches.
To mitigate the threat, ngCERT urged banks to strengthen
privileged access controls and implement multi-factor authentication for all
administrative accounts.
The agency also advised financial institutions to
“immediately harden ATM infrastructure by disabling unnecessary remote access,
applying latest firmware patches, and reviewing third-party remote access
pathways and vendor accounts”.
NgCERT also recommended strict network segmentation,
enhanced real-time transaction monitoring, continuous threat hunting, regular
penetration testing, and red-team exercises
The agency called for stronger staff awareness on phishing
and insider threats, alongside regular testing of incident response plans
tailored to ATM cash-out scenarios, as banks move to bolster resilience against
increasingly sophisticated cyberattacks.
Advertise on NigerianEye.com to reach thousands of our daily users
No comments
Post a Comment
Kindly drop a comment below.
(Comments are moderated. Clean comments will be approved immediately)
Advert Enquires - Reach out to us at NigerianEye@gmail.com