SLCB Assures Restoration of Hacked Website

By Amin Kef Sesay

Sierra Leoneans woke up on the 6th January 2020 to the disturbing news making the round on social media that one of the country’s commercial banks, the Sierra Leone Commercial Bank’s website has been defaced by Iranian hackers placing  pro-Iranian messages and images on the sites. The Sierra Leone Commercial Bank’s website was displayed as “H4ck3D IRANIAN HACKER” in Google search results. Screenshots posted on Twitter showed a drawing of former IRGC Quds Force commander Qasem Soleimani, who was killed in a US airstrike on Friday with the words “hacked by Iranian hacker, hacked by shield Iran.”

This revelation sent shock waves among the Bank’s numerous customers, some thinking that their hard earned savings are at risk. However, the Sierra Leone Commercial Bank (SLCB) in a statement stated that it has safely secured its website after an attempted hacking by a group called Shield Iran.

It furthered that immediately after learning about this ugly development the Bank’s IT engineers both at home and abroad ensured the restoration of the website to normalcy and secured the ITC system of the bank without any damage to document and information of clients.

According to a release from the Bank, the slcb.com site is hosted externally by a service provider in the United States and Management believes that the attack was carried out by hackers based in Iran as retaliation to the killing of the Iranian Military General, Qassem Soleimani. According to the bank, assurance is given to its clients that the attempted hacking did not affect any information.

“We hereby assure the public that none of our other systems or services has been affected. Although we do not believe that the bank is a primary target in this attack, we are giving the situation our utmost attention,” the Bank assured.

The Bank also informed that there is no sensitive information stored on the website and therefore no cause for fear.

A spokesperson from the Cybersecurity and Infrastructure Security
Agency, a section of the US Department of Homeland Security,
acknowledged that the hack took place.

“We are aware the website of the Federal Depository Library Program
[FDLP] was defaced with pro-Iranian, anti-US messaging,” the
spokesperson said in a statement. “At this time, there is no
confirmation that this was the action of Iranian state-sponsored
actors. The website was taken offline and is no longer accessible.
CISA (the Cybersecurity and Infrastructure Security Agency) is
monitoring the situation with FDLP and our federal partners.”

Another senior US official noted that the defacement is a small-time
event that was likely carried out by Iranian sympathizers.
US Secretary of State Mike Pompeo mentioned on Friday that one
possible response by Iran against the US could be a cyberattack. It is
unclear whether the hackers had any official status or connection to
Iran.

The hack comes amid increased tensions between the United States and Iran following the assassination of Iran Revolutionary Guards Corps Quds Force commander Qasem Soleimani in a US strike in Baghdad on January.

Iran has since vowed to take revenge for the assassination, alluding
to potential attack against US assets and interests throughout the
Middle East, in addition to attacking US allies. On its own part, the Government of Sierra Leone in his response came out with a Press Release on the matter saying:

“The attention of the Ministry of Information and Communications (MIC) has been drawn to a cyber incident involving the Sierra Leone Commercial Bank (SLCB) official website (www.slcb.com) which occurred on the 5th January 2020. The compromise is attributed to a group claiming to be “Shield Iran”. This incident led to a temporal unavailability of the website that is hosted by a service provider based in the USA. However, this incident had no impact on SLCB operations and online banking applications. The web site is an information-only portal with no direct or indirect access to any banking operation assets. It also holds no sensitive information.

This incident has been thoroughly investigated by a joint technical team from the Ministry of Information and Communications Cyber Unit and the SLCB Cyber Incident Response Team (CIRT) that have taken immediate and appropriate actions to reinforce existing security measures to mitigate any potential impact.

The Cyber Security Unit of the Ministry of Information and Communications would like to inform the general public that stringent measures and modalities have been put in place to prevent future attacks on National Critical Information Infrastructure (NCII) in the country.
The Government would like to assure its citizens that it will continue to put in place the necessary modalities to ensure the continuing protection of all personal and official data at all times.”

2 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here