The Bank of Zambia made it obvious that they will not pay a ransom to the Hive operation by publishing an image of male genitalia and urging the hackers to s… (Here, you may use your imagination). The Bank of Zambia, the country’s central bank, announced last week that recent technical breakdowns were the result of a cyberattack.
“The Bank of Zambia wishes to inform members of the public that it experienced a partial disruption to some of its Information Technology (IT) applications on Monday 9th May 2022,” disclosed the bank in a press release. “The disruption, which affected some systems at the Bank such as the Bureau De Change Monitoring System and the Website, emanated from a suspected cybersecurity incident. We wish to advise that these systems have since been fully restored.”
The Bank of Zambia did not reveal the details of the incident. Still, it was discovered that the attack was carried out by Hive ransomware, which purported to have encrypted the Network Attached Storage (NAS) device of the bank. Instead of paying the ransom, bank employees mocked the hacker’s ’14m3-sk1llz.’
“Suck this dick and stop locking bank networks thinking that you will monetize something, learn to monetize,” they said after posting a link to a dick photo. When this discussion was made public on Monday, it was presumed that unconnected persons had hijacked the negotiating chat, as has happened before. Following this discussion, security researcher MalwareHunterTeam created a poll asking if people thought photos like these in a ransom negotiation proved the message was hijacked or from the victim.
The poll results revealed that the majority of survey respondents said it came from the victim, which was surprising. According to Bloomberg, the bank’s Technical Director, Greg Nsofu, stated that the bank’s essential systems had been safeguarded, so engaging with threat actors was unnecessary. “So we pretty much told them where to get off,” Nsofu stated, adding that it was someone from the bank that reacted to Hive.
Although the bank’s reaction to the threat actors may not be the best for other businesses, they should be commended for making it apparent that they would not give in to the attackers’ demands. While ransomware remains a significant issue for both businesses and individuals, the best method to combat it is to refuse to pay the ransom and instead recover from backups.
When non-payment is combined with greater law enforcement action and government punishments, ransomware activities should gradually go away. When the Bank of Zambia was approached with more inquiries concerning the issue, no response was received.