National Bank of Angola says it mitigated cyberattack

The National Bank of Angola is trying to reassure the country that its financial system is secure following a cyberattack on January 6.

Based in the capital of Luanda, the bank manages more than $10 billion in assets on behalf of the southern African country’s population of about 35 million. It reports about $600 million in annual revenue.

In a statement on Tuesday, the bank said the January 6 cybersecurity incident was mitigated “without significant impacts on its infrastructure and data.”

“Following the incident, access to technological infrastructures and, consequently, the safe and efficient provision of institutional services were ensured in a controlled manner,” it said.

“The National Bank of Angola, as the authority responsible for the stability and operational resilience of the Angolan financial system, will continue to ensure the necessary measures, aiming to guarantee the security, integrity, reliability and availability of the information systems of financial institutions, which are operating with normality.”

No hacking group has taken credit for the incident but in 2022 someone on the cybercriminal forum Exploit offered access to the bank’s systems for an undisclosed price.

Several of the country’s smaller banks have shown up on the leak site of the now-defunct ransomware gang Black Cat/AlphV and other hacking groups. The group also claimed it attacked Angola’s national electric utility Empresa Nacional de Distribuição de Electricidad in September but the incident was never confirmed.

A handful of state-owned banks have reported cyberattacks in recent years including the Central Bank of Lesotho, the Development Bank of Southern Africa, the National Bank of Pakistan, the Central Bank of Russia and the Central Bank of Bangladesh.