Story image

Uganda data centre raided, operator ‘held hostage’

09 Jul 18

A major data centre in Kampala, Uganda has allegedly been pillaged by government officials.

The concerning news comes at a time when data protection and privacy is a hot issue.

Uganda’s Daily Monitor managed to get a copy of a letter of complaint sent from MTN Uganda (a local telco company) to the government’s Internal Security Organisation (ISO).

The letter implied that the company’s data centre had been trespassed by security men purporting to be from ISO who accessed their servers before disconnecting four of them.

This came after a man who had physical access to the MTN IT Data Centre was ‘kidnapped’.

According to the letter, Huawei Uganda data facilities manager Moses Keefah Musasizi was seized at 5pm on July 2 before being held hostage at the ISO headquarters until 9pm when he was taken to the MTN data centre and coerced to provide access.

“We are yet to determine the extent of interruption to our network activities and the financial impact. It is also possible that some data have been tempered with or illegally accessed and taken from the premise,” the letter reads in part.

“The intrusion into the data was properly captured by our closed circuit television (CCTV cameras.”

Following the breach, MTN Uganda reported the case to the local police and stressed that they had received no warning.

“We await police investigation to determine the nature and motive of the above officers. It is important we had not received search warrant, court order or a request for information that not been attended to, warranting the above action,” the letter reads.

“This incident poses a serious security risk to telecommunication infrastructure and customer data which are protected under the Uganda Communication Act 2013. Our servers have been off since yesterday and are yet to be reconnected. As a result, MTN is currently unable to offer some services such as processing of call data records, resolution of customer queries and Mobile Money Micro-lending.”

According to MTN, the letter was copied to Minister of ICT and National Guidance, Minister of Security, Minister of Internal Affairs, Inspector General of Police, and the head of Chieftaincy of Military Intelligence.

How to stay safe when shopping online
Online shopping is a great way to avoid the crowds – but there are risks.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Why data backups should be a part of daily operations
"Disaster recovery needs to address complete system failure and provide a set of security policies to govern disaster incidents."
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.