Ghanaian Banks Systems At Risk Of Cybercrime— Cyber Security Expert

A cyber security expert has raised a red flag revealing that, most of financial institutions are at risk of cybercrime.

The expert is therefore tasking financial institutions in the country to increase their investments in cyber security protection to prevent them from cyber-attacks that could cost them fortunes and reputational damages,

Dr. Bright G. Mawudor, Group Head of Information Security and Risk, Cellulant -Nairobihas said, most banks in the country do not have their database well-secured from the public.

“People invest very little in cyber security protection and they lose billions. They don’t report them every day, but they are actually losing a lot of money.

“There is something called “Shodan”; a search engine which helps find vulnerabilities in a country or for an organisation. So, when I searched for a common tool that is used by almost every bank in Ghana, guess what? They do not secure that.

“Majority of them are exposed to the public; something they are not supposed to. According to the Common Vulnerability Exposure Database (CVE Database), it shows that these organisations are vulnerable, meaning somebody can intercept the traffic between the bank and customers and see all the transactions that they are doing or the communication that is going through them”, he said.

Dr. Mawudor made this revelation at the 2017 Data Protection Conference held in Accra last week where he served as a speaker on data security and encryption.

He also encouraged organisations to prioritise the security of their systems, urging them to seek the services of experts in the area.

“Security is always an afterthought for organisations. They want products that are just giving services; they want final products to compete against their competitors, and they want to make sure that they are on top of everything; they are the first to release something, but security is always a thing that they come to think about at a much later stage.

They need to increase awareness about security issues; attend more of these data protection conferences to learn exactly how people get hacked and how they can prevent hacking,” he urged.

Speaking at the opening of the event, Executive Director of Data Protection Commission, Teki Akuetteh Falconer, noted that the state of data protection in the country is one that can be said to be improving over the years.

She, however, encouraged individuals and institutions to report to the commission, data protection rights violations meted out to them by data handlers.

The two-day annual conference sought to discuss issues affecting data controllers and processors in the country following the implementation of the Data Protection Act, 2012 (Act 843).

It also addressed data protection trends in the region and worldwide, allowing experts to share their experiences and best practices.