The cyberattack, which severely disrupted the operations of the power distribution company, has raised significant concerns about the cybersecurity measures in place within Ghana’s critical infrastructure sectors.
The Electricity Company of Ghana (ECG) has reportedly lost an estimated GH¢500 million following a recent ransomware attack on its systems, according to Dubik Mahama, the Managing Director.
Recommended articles
Dubik Mahama corroborated the Vice President, Dr Mahamudu Bawumia's earlier statement and elaborated on the significant impact the ransomware attack had on ECG's operations.
Mahama noted that the attack struck at a crucial time when the company was in the midst of an operational overhaul, which included upgrading and repairing its systems.
In an interview on Channel One TV, he said "Don’t forget that, within those periods, we were going through an operational turnaround, where we were fixing our systems…That was the same year within which we had the ransomware attack thing that we managed to take care of.
"For me, what I will say to that is there’s an investigation going on, so maybe probably, the Vice President is privy to the final investigation report or has some inkling towards whatever is going on there. But I have not been furnished. There was an attack, there’s no two ways about that."
"Looking at a company that has the potential of raising about GH¢50 million to GH¢60 million in a day if you’re not able to vend for a week, how much have you lost? How are you going to bring yourself back into the game? So yes, we did lose a lot, we had a few good companies consult for us and advise us. And we have a quantity of the amount of money that was lost ranges between GH¢400 million to GH¢500 million within that period," he added.
As ECG works to restore normalcy, there are calls for a comprehensive review of cybersecurity policies and practices across all utility companies in Ghana.
Experts warn that the increasing sophistication of cyberattacks means that no organisation is immune, and proactive measures must be taken to safeguard critical infrastructure.