The data of clients of the Development Bank of Seychelles have not been compromised despite a ransomware attack, the bank’s chief executive said on Tuesday.
Daniel Gappy told a press conference that the bank was attacked by Calix ransomware on September 7. Work is ongoing to get the core system up and running, he said.
According to Geek’s Advice, “Calix ransomware is a file-encrypting virus that is capable of locking all files on the infected computer or server. It is a version of Phobos ransomware which was first discovered on October 3rd, 2019.”
“Once installed, the malicious programme encrypts all databases, documents, photos, programmes, and other files so that the victim could no longer access them,” the website reads.
Gappy told the press that “normally when you are attacked by ransomware, the extension of the file changes, giving you the contact details of the attacker.”
“They provide their email addresses so that you can contact them. If there is a ransom to be paid, they will ask it in bitcoin – not in dollars or euros. DBS did not take this path to pay any ransom. We tried contacting a company overseas to try and help us encrypt the files that were crypted. They tried for a week but was unsuccessful. We then worked with a consultant on the local market, who gave us another option,” said Gappy.
He explained that clients should not be affected as a development bank operates in a different manner as compared to a commercial bank. A development bank gives out loans and doesn’t collect money, meaning people do not deposit money and hence “there aren’t any depositor who can approach us and tell us that their money is missing.”
DBS was established in 1977 as a joint venture between the government and other shareholders. Over the years DBS’ business portfolio has grown to financing new, modernise and expansion projects in the fields of agriculture, fisheries, industry, service and tourism, construction of commercial buildings including rental accommodation, office, storage as well as shop premises.
He added that since Monday, the bank has started a recovery process, compiling all the data and moving it to another software. Once completed, these data will then be sent to the bank’s service provider located overseas.
“We are convinced that our core-banking – the software that contains all the information of the client – will be up and running by Thursday. We are making sure that all accounts are up to date and when we have finish rectifying all our problems this week, we will run a test by selecting a group of clients to come to take a look at the data,” said Gappy.
Following the attack, the bank is increasing its security, acquiring more equipment, and doing more backups. One of the challenges that DBS faced is that data is backed up to a server automatically at a specific time.
“We are going to reinforce this by having an offline backup which we will need to physically back up ourselves. When viruses are sent through emails, our staffs are the weakest link as they might open an email that contains viruses. We are also going to beef up our mail server so that each mail that comes in will be screened before reaching any staff. Emails that we find to be irregular will be sent to spam which will be opened by the IT personnel,” said Gappy.