FG Mandates Enhanced Cybersecurity for Banks Amidst $2M UBA Senegal ATM Heist
The Federal Government has issued a stark warning to Nigerian financial institutions, urging them to fortify their Automated Teller Machine (ATM) and card payment systems against escalating cyber threats. This directive follows a significant cyber-enabled heist that saw over $2 million illicitly withdrawn from United Bank for Africa (UBA) operations in Senegal.
The alert, disseminated via a high-risk cybersecurity advisory on June 25 by the Nigeria Computer Emergency Response Team (NgCERT), an agency operating under the Office of the National Security Adviser, underscores the pervasive nature of these attacks across the African continent. NgCERT detailed how cybercriminals successfully compromised UBA Senegal’s card authorisation infrastructure, executing 3,421 fraudulent ATM transactions in a meticulously coordinated cash-out operation.
NgCERT characterised the UBA Senegal incident as a critical threat to financial institutions employing similar ATM and card payment infrastructures across Africa. The agency cautioned that Nigerian banks remain vulnerable unless robust safeguards are promptly implemented. Investigations into the attack revealed that perpetrators typically gain initial access to banking networks through phishing campaigns, exploitation of supply-chain vulnerabilities, or insider compromises, subsequently escalating their privileges within critical systems.
The advisory further elucidated the modus operandi of these cybercriminals. Upon infiltrating a bank’s network, attackers conduct internal reconnaissance to pinpoint systems responsible for ATM transaction processing, payment card management, and transaction authorisation. Subsequently, they manipulate key parameters such as withdrawal limits, transaction velocity controls, fraud monitoring thresholds, and payment card records. This manipulation enables multiple operatives to execute simultaneous, high-volume cash withdrawals from ATMs across diverse geographical locations.
The potential ramifications of successful attacks are severe, NgCERT warned. These include substantial financial losses due to the rapid depletion of ATM cash reserves, compromise of core banking infrastructure, and unauthorised manipulation of customer accounts. Beyond direct financial impact, such breaches can inflict significant reputational damage, lead to regulatory sanctions, cause service disruptions, and result in large-scale data compromises, posing a multifaceted risk to the stability and integrity of the financial sector.
In response, NgCERT has mandated that banks strengthen their privileged access management protocols by enforcing multi-factor authentication for all administrative accounts. Financial institutions are also directed to enhance ATM infrastructure security by disabling unnecessary remote access, deploying the latest firmware updates, and rigorously reviewing third-party vendor access to critical systems.
Further recommendations include the implementation of strict network segmentation, enhanced real-time transaction monitoring, continuous threat hunting, and the execution of regular penetration testing and red-team simulation exercises to bolster resilience against evolving cyber threats. NgCERT also stressed the importance of intensifying staff awareness programmes focused on phishing and insider threats, alongside conducting regular incident response drills specifically tailored to ATM cash-out scenarios. The agency emphasised that proactive cybersecurity measures are no longer optional but imperative, given the increasingly sophisticated tactics employed by cybercriminals targeting banking infrastructure continent-wide.
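The real-time transaction monitoring recommended above can be illustrated with a detection sketch; it is an added example, not code from NgCERT, the advisory, or any bank. Because the attackers described raise withdrawal limits and velocity controls before cashing out, it judges withdrawals against the values recorded before the change rather than the live, possibly tampered ones. The record layouts, parameter names, card and ATM identifiers, and the six-hour window are all assumptions, and the sample data is constructed.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(hours=6)  # assumed look-ahead after a parameter change
HOUR = timedelta(hours=1)
# Constructed audit trail: (time, actor, card, parameter, old value, new value).
CONFIG_AUDIT = [
    ("2025-01-10T01:05:00", "admin-07", "C-1001", "daily_withdrawal_limit", 500, 50000),
    ("2025-01-10T01:06:00", "admin-07", "C-1001", "velocity_max_per_hour", 3, 500),
    ("2025-01-10T09:00:00", "ops-02", "C-2002", "daily_withdrawal_limit", 500, 600),
]
# Constructed ATM withdrawals: (time, card, ATM id, amount).
ATM_TXNS = [
    ("2025-01-10T01:30:00", "C-1001", "ATM-A", 400),
    ("2025-01-10T01:31:00", "C-1001", "ATM-B", 400),
    ("2025-01-10T01:33:00", "C-1001", "ATM-C", 400),
    ("2025-01-10T01:34:00", "C-1001", "ATM-A", 400),
    ("2025-01-10T10:00:00", "C-2002", "ATM-D", 300),
    ("2025-01-10T12:00:00", "C-3003", "ATM-A", 200),
]

def pre_change_baselines(audit):
    """Per card: time of the first loosening change and each parameter's original value."""
    base = {}
    for ts, actor, card, param, old, new in sorted(audit):
        if new > old:  # assumption: for these parameters a higher value is looser
            entry = base.setdefault(card, {"since": datetime.fromisoformat(ts), "actors": set()})
            entry.setdefault(param, old)  # keep the earliest value, not a later attacker-set one
            entry["actors"].add(actor)
    return base

def find_cashout_candidates(audit, txns, window=WINDOW):
    """Flag cards whose withdrawals after a loosening change break the pre-change values."""
    alerts = []
    for card, base in sorted(pre_change_baselines(audit).items()):
        start = base["since"]
        hits = sorted((datetime.fromisoformat(ts), atm, amt) for ts, c, atm, amt in txns
                      if c == card and start <= datetime.fromisoformat(ts) <= start + window)
        times = [t for t, _, _ in hits]
        peak = max((sum(1 for u in times if t <= u < t + HOUR) for t in times), default=0)
        reasons = []
        if sum(amt for _, _, amt in hits) > base.get("daily_withdrawal_limit", float("inf")):
            reasons.append("total_over_old_limit")
        if peak > base.get("velocity_max_per_hour", float("inf")):
            reasons.append("velocity_over_old_limit")
        if reasons:
            alerts.append({"card": card, "reasons": reasons, "withdrawals": len(hits),
                           "atms": sorted({atm for _, atm, _ in hits}),
                           "changed_by": sorted(base["actors"])})
    return alerts

if __name__ == "__main__":
    for alert in find_cashout_candidates(CONFIG_AUDIT, ATM_TXNS):
        print(alert)
```

In the constructed data only card C-1001 is flagged: its limit change is followed by four withdrawals at three ATMs that exceed both pre-change values, while C-2002's modest limit increase and single withdrawal stay within the old limit.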
Lawyard is a legal media and services platform that provides enlightenment and access to legal services to members of the public (individuals and businesses) while also availing lawyers of needed information on new trends and resources in various areas of practice.
