Nigerian Banks Lose N2.75bn to ATM Cyber Attacks

The Nigeria Computer Emergency Response Team (NGCERT) has reported that banks in Nigeria have suffered losses exceeding N2.75 billion due to coordinated ATM cash attacks, involving 3,421 fraudulent transactions. These attacks are believed to be orchestrated by a Senegalese national linked to an international cybercrime syndicate.

The NGCERT's advisory highlights the need for banks to strengthen their cybersecurity architecture, as these attacks reflect a growing trend of cybercriminals exploiting vulnerabilities in financial institutions' digital infrastructures. The advisory details how attackers gain privileged access to banks' card authorization systems, allowing them to manipulate transaction controls and alter withdrawal parameters for fraudulent cash withdrawals across multiple ATMs simultaneously.

NGCERT recommends implementing multi-factor authentication, conducting comprehensive reviews of user privileges, and disabling unnecessary remote access services to mitigate these threats. Cybersecurity expert David Ayodel noted that these attacks increasingly target payment authorization systems rather than just physical ATMs, indicating a shift in cybercriminal strategies.