Lesotho central bank ‘targeted’ in cyber-attack attempt

The Central Bank of Lesotho fell victim to a cyber-attack on Monday, as concerns about rising global cyber threats continue to grow.

The attack has prompted the institution to take immediate measures to prevent further infiltration, including the suspension of certain systems, potentially causing delays in payments.


In a recent statement, the bank acknowledged the cyber incident and assured the public that investigations were underway while efforts were being made to restore the compromised systems.

Lesotho’s currency, the Loti is pegged to the South African rand. The recent cyber-attack raises concerns about the stability of the country’s financial system and its potential impact on the exchange rate.

Any instability could have ripple effects on cross-border trade and financial transactions between Lesotho and South Africa.

However, the institution emphasised that no financial losses had occurred, but the suspension of some systems was necessary to thwart ongoing attacks.

Public assured of bank’s safety

“The Bank wishes to assure the public that it has not suffered any financial or other loss. However, the Bank has suspended some of its systems to prevent further infiltration from the attackers.

“Consequently, some payments may be delayed while the Bank works on getting the systems back to normalcy,” it said.

The central bank’s announcement comes against the backdrop of South Africa’s status as a cybersecurity hotspot in the continent.

In 2022, the country led the continent in identified threats, totalling 230 million. The South African Banking Risk Information Centre reported a significant increase in gross fraud losses, with card-not-present fraud and banking malware attacks positioning the country as the second-highest to Russia globally in such incidents.

This incident in Lesotho follows on the heels of a series of cyber-attacks on critical infrastructure globally.

Ukraine, already facing geopolitical challenges, recently experienced a major attack on its largest mobile operator, Kyivstar, leading to disruptions in air raid warning services and banking operations.

According to CNN, this incident ranks among the most consequential acts of cyber warfare on critical infrastructure since Russia’s invasion two years ago.

Reports also suggest that hackers affiliated with the Chinese People’s Liberation Army (PLA) breached the computer systems of critical infrastructure units within the US government.

Heightened cybersecurity measures

Speculation surrounds the possibility that these intrusions are part of a broader effort by the PLA to target logistics amid potential US-China conflict in the Pacific region.

The incident in Lesotho underscores the international community’s increasing alarm over the frequency and severity of cyber-attacks on critical infrastructure.

The need for heightened cybersecurity measures has become evident, especially in the context of recent revelations about cyber groups associated with Russia and China hacking Sellafield, the United Kingdom’s (UK) most hazardous nuclear site.

A report by the Joint Committee on the National Security Strategy has warned that the UK faces a significant threat of a “catastrophic” cyber-attack.

The report criticised the government for inadequate investment in preventing large-scale cyber-attacks and emphasised the pressing need for heightened attention and resources to protect critical infrastructure from potential cyber threats.

Visit SW YouTube Channel for our video content

Latest News