‘Clients’ personal data not compromised in DBS ransomware attack’ | 16 September 2020
The Development Bank of Seychelles (DBS) yesterday refuted claims that personal data of clients has been compromised, following a ransomware attack on its system on Monday September 7.
Chief executive Daniel Gappy reassured at a press conference that no data has been breached by cybercriminals who attacked the bank’s computer system with calix ransomware, a malicious software through which cybercriminals encrypt files, blocking users’ access, only restoring access to the encrypted files after payment.
Upon detecting the ransomware, DBS proceeded to disconnect its servers, seeking the assistance of an overseas company to decrypt the data but to no avail. With ransomware, files cannot be decrypted without a mathematical key, known only to the attacker. DBS has since sought the assistance of a local consultant and is presently working to recover the ‘locked’ data, and subsequently compile and transfer the data to another software, through an overseas service provider.
“We are in the recovery process, as of Monday, we have compiled all the data to be transferred to another software, so by Thursday (tomorrow), core banking will be operational,” Mr Gappy said.
In comparison to commercial banks, DBS does not facilitate day-to-day banking transactions such as deposits, but rather, issues loans. In view of this, the possibility of depositors approaching the bank to claim missing funds is non-existent, Mr Gappy added.
While data was not compromised through the attack, the files encrypted by the ransomware have disrupted DBS’s core banking system, the back-end system which processes transactions and post updates to accounts and other financial records.
“Despite having an incident response plan in place so as to minimise the damage caused by cyber-attacks, the incident has served to jolt DBS and other actors into action to reassess computer and security systems. As it is suspected that the malware infiltrated DBS’s system through phishing spam either through email or file downloads, it is imperative that awareness is raised among employees and e-mail security stepped up,” Mr Gappy stated.
“After the attack, we will increase security, purchase more equipment and conduct more back-ups. One of the challenges we need to address is that our back-ups were backed up on the server. We have one server here (Independence House) and one at Providence, and automatically, at a certain time, it backs-up. We will reinforce this by having an offline back-up which means we will physically go there and back it up,” he said.
“Technology is evolving and changing every day, and if we are not abreast of the latest developments, it could bring down the whole banking system,” Mr Gappy said, noting that the Central Bank of Seychelles, as the regulator for the banking sector, is closely monitoring the developments.
DBS’s product and service offering remains operational however, through manual modes. Clients are advised that they will be contacted during the next week to be informed about their respective transactions.
Funds managed by DBS, namely, the Seychelles Business Financing Agency (SBFA) Fund, and the newly launched Small Business Support Fund (SBSF), which was launched on September 10, are operating as usual.
DBS is expected to issue a press release next week once its core banking system has been restored.