Asian Hackers Steal $17 Million from Uganda’s Central Bank

Hackers have infiltrated the systems of the Bank of Uganda, stealing a staggering 62 billion Ugandan shillings (approximately $17 million), according to a report by Bloomberg. The breach, reportedly executed by a cybercriminal group called “Waste” based in Southeast Asia, has raised serious concerns about cybersecurity in the country.

According to the report, the Bank of Uganda managed to recover about 37 billion shillings of the stolen funds. However, investigations by police and the auditor general’s office are ongoing to trace the remaining amount and identify those involved. The central bank has not yet issued an official statement regarding the incident.

While Bloomberg reported the theft of 62 billion shillings, Kampala-based newspaper Daily Monitor gave a slightly different figure, stating that 47.8 billion shillings was stolen. The newspaper revealed that the funds were siphoned into two accounts located in Japan and the UK in September. It further alleged that the fraud was an “inside job,” implicating some employees within the Bank of Uganda and the finance ministry. Several individuals have reportedly been questioned as part of the ongoing investigations.

The Daily Monitor’s report has shed light on possible internal complicity in the heist, raising concerns about the central bank’s internal security protocols. While the full extent of employee involvement is yet to be disclosed, the revelation has sparked debates about the robustness of Uganda’s financial oversight mechanisms.

The involvement of international accounts in Japan and the UK has also prompted calls for collaboration with global law enforcement agencies to recover the stolen funds and apprehend the perpetrators.

This incident highlights a growing cybersecurity threat to financial institutions in Uganda and across the continent. Cybercriminal groups like “Waste” are increasingly targeting institutions with inadequate digital safeguards, exploiting vulnerabilities to carry out sophisticated fraud schemes.

Dr. Isaac Mugabi, a cybersecurity expert, expressed concern about the breach, noting that it underscores the urgent need for stronger digital defenses. “Financial institutions must treat cybersecurity as a top priority. The sophistication of these attacks shows that even central banks are not immune,” he said.

The Ugandan government has yet to release a comprehensive statement on the breach, leaving many citizens worried about the safety of the nation’s financial systems. Analysts argue that this incident could erode public confidence in the banking sector if swift actions are not taken to address the breach and prevent future attacks.

Authorities are now under pressure to ensure transparency in the investigation and implement reforms to strengthen cybersecurity measures. Public trust in the banking sector hinges on how the Bank of Uganda and the government handle this high-profile case.

As investigations continue, the incident serves as a stark reminder of the growing risks posed by cybercrime to financial systems, calling for enhanced vigilance and collaboration among stakeholders to protect national assets.