26 Oct 2015

African Cyber Risk Institute chairperson, Mr Dziki Nganunu has cautioned that cyber criminals were now targeting bank employees in pursuing cyber-crime. 

“Cyber-criminals are now targeting employees through Facebook and other social media to identify who works where, then send a target e-mail, which then compromises the system,” Mr Nganunu said. 

He was speaking at the Botswana Institute of Bankers annual gala dinner, which was held at Boipuso Hall recently, under the theme Managing Cyber Fraud in a Technology Savvy Era, Implications of Impact on the Banking Industry.

He said the trend was now on data theft, credit card fraud, Identity Card Fraud.

“Data has become quite a valuable commodity, if the hacker cannot get to the bank, they can get data then use it to access funds,” he said.

He indicated that most of the serious attacks emanated from Eastern Europe and parts of Russia because of the issue of idle minds made as a result of unemployment.

“You can imagine how all students in Information Technology (IT) courses in Botswana, who are unemployed with idle minds, who are a potential threat,” he said.

He added that the issue of available knowledge, cheap power, easy to get information and the fact that there was no need for a degree in order to hack because software and passwords can be downloaded for free or even cheaper prices.

Mr Nganunu said the other aspect, especially the most serious cyber fraud, was anonymity because there was a way to hide the IP addresses and location.

“There is a really serious crime called cyber fraudsters, who use the dark web, which makes it impossible to trace activity through its use,” he said.

He said on average, it took over 200 days for banks to realise that there had been a cyber-bridge.

“Hackers usually go beyond a network for more than a year before the banks could realise,” he said.

He said they were concerned that there was no legal framework and even if so, there was need for police and judiciary in order to combat the crime.

Mr Nganunu however said Botswana was working on developing a data protection law.

Further, he implored bank staffs, senior management, board members to be aware of the ever changing dangers.

He also encouraged them to design and implement robust cyber security policies, which he said must include use of social media by employees, both inside and outside work, profile employees who had access to critical systems and information as well as promote code of ethics at IT training institutions.

Meanwhile, former BIOB director, Ms Brenda Morapedi was honoured for 21 years of service, while the former chairperson and National Development Bank (NDB) chief executive officer received an award for 23 years of service. 

The 2015 most deserving employee award was given to Otlaabotsa Tsie of Botswana Savings Bank (BSB), Thabiso Masilo received an award in Banking related studies while Tebalo Osenyeng of Delta International won the school essay competition. Ends