(Bloomberg) -- Zambia’s central bank said it refused to pay ransom to a group known as Hive that was behind a cybersecurity breach that caused minimal damage to its systems.

“All of our core systems are still up and running,” Greg Nsofu, information and communications technology director at the Bank of Zambia, told reporters in Lusaka, the capital. “Not much sensitive data has actually been shipped out.”

Only some test data may have been leaked, he said. “Knowing that we had protected our core systems, it wasn’t really necessary for us to even engage” in a ransom conversation, Nsofu said. “So we pretty much told them where to get off.”

The central bank said May 13 that it had suffered a suspected cyberattack, which disrupted some information technology applications on May 9, including its website and bureau de change monitoring system. Its website was down for at least part of May 14 too. 

Hive ransomware, first observed in June 2021, has already “made its mark as one of the most prolific and aggressive ransomware families today,” according to Trend Micro Inc., a Tokyo-based cybersecurity company. The software is usually used to steal data and encrypt its victim’s files, leaving a note requesting payment, according to the US Federal Bureau of Investigations. The group has targeted health-care operators in the US to Indonesia’s state-backed oil and gas company. 



©2022 Bloomberg L.P.