Cyber Incident Victim: Development Bank of Seychelles
Date:
Sep 2020
Location:
Seychelles
Summary
The Development Bank of Seychelles suffered a ransomware attack, prompting engagement with the Central Bank of Seychelles to assess the incident's nature, operational impacts, and potential vulnerabilities exploited. While the specific ransomware strain remained unidentified, the attack followed a broader trend where such incidents often involve data theft prior to encryption, leveraging stolen information to pressure victims into paying ransoms. The Central Bank emphasized maintaining communication with clients and stakeholders throughout the response, though definitive confirmation of data compromise in this case was not disclosed.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On September 9, 2020, the Development Bank of Seychelles (DBS) experienced a ransomware attack, as confirmed by a Central Bank of Seychelles (CBS) press statement issued two days later. DBS, established in 1977 with initial shareholders including the Seychelles government, European Investment Bank, Standard Chartered Bank, Barclays Bank, Deutsche Investments und Entwicklungsgesellschaft (DEG), and Caisse Francaise de Cooperation, had evolved to majority government ownership (60.50%) following share acquisitions from Barclays and DEG. CBS immediately engaged with DBS upon notification to investigate the incident’s scope, operational impact, and root causes. The central bank mandated ongoing communication between DBS and its clients, banking sector stakeholders, and other relevant parties throughout the response process. CBS further emphasized the necessity of identifying vulnerabilities exploited in the attack, though no technical specifics regarding intrusion vectors, ransomware strain, or encryption targets were disclosed publicly. DBS did not respond to media inquiries about the incident, leaving operational disruption details unconfirmed.
The attack occurred amid a broader shift in ransomware tactics, where operators increasingly exfiltrated data prior to encryption to pressure victims into paying ransoms—a strategy pioneered by Maze ransomware in late 2019 and adopted by at least 18 other groups by mid-2020. While CBS did not confirm data theft at DBS, industry trends suggested a significant probability of such compromise, potentially classifying the incident as a data breach if sensitive information was accessed. Concurrently, Chilean bank BancoEstado faced a separate ransomware attack that forced branch closures, underscoring the global banking sector’s vulnerability during this period. CBS continued monitoring DBS’s recovery efforts but did not disclose remediation timelines, financial losses, or whether ransom demands were issued or paid. The incident highlighted systemic concerns regarding critical financial infrastructure resilience against evolving cyber threats.