Financial Crime World

Lesotho Financial Institutions Face Cybersecurity Threats as Attacks Rise

The financial sector in Lesotho is at risk of being severely impacted by cyberattacks, according to a recent report. The country’s financial institutions are increasingly vulnerable to attacks due to their reliance on digital systems and data.

Growing Concerns

Cyberattacks have more than doubled since the pandemic, with some companies experiencing significant losses as a result. For example, US credit reporting agency Equifax paid over $1 billion in penalties after a major data breach in 2017 that affected around 150 million consumers.

The Risk of Extreme Losses

The risk of extreme losses from cyber incidents is increasing, with potential funding problems for companies and even solvency concerns. The size of these extreme losses has more than quadrupled since 2017 to $2.5 billion. Indirect losses such as reputational damage or security upgrades are also substantially higher.

Vulnerabilities in Lesotho’s Financial Sector

Lesotho’s financial sector is particularly exposed to cyber risk due to the large amounts of sensitive data and transactions it handles. Attacks on financial firms account for nearly one-fifth of all cyber incidents, with banks being the most targeted.

The Impact of a Severe Incident

A severe incident at a financial institution could undermine trust in the financial system, disrupt critical services, or cause spillovers to other institutions. For example, a December attack on the Central Bank of Lesotho disrupted the national payment system, preventing transactions by domestic banks.

Mitigating the Risks

To strengthen resilience in the financial sector, authorities should develop an adequate national cybersecurity strategy accompanied by effective regulation and supervisory capacity. This includes:

  • Periodically assessing the cybersecurity landscape
  • Encouraging cyber maturity among financial sector firms
  • Improving cyber hygiene
  • Prioritizing data reporting
  • Sharing information among financial sector participants

International Cooperation

International cooperation is also imperative to address cyber risk successfully, as attacks often emanate from outside a country’s borders and proceeds can be routed across borders. The IMF actively helps member countries strengthen their cybersecurity frameworks through policy advice and capacity-building activities.

Conclusion

Lesotho’s financial institutions need to develop and test response and recovery procedures, and national authorities should have effective response protocols and crisis management frameworks in place. With the global financial system facing significant and growing cyber risks, it is essential that policies and governance frameworks at firms keep pace with these threats.