Bawumia’s claim ECG staff sabotaged paperless system inaccurate, misleading – PUWU
The Public Utilities Workers Union (PUWU) of the Trade Union Congress (TUC) has disputed Vice President Dr Mahamudu Bawumia’s assertion that officials of the Electricity Company of Ghana (ECG) sabotaged the government’s digitalisation of revenue collection.
Dr Bawumia, at the Annual AGM of Anti-corruption Agencies in Africa on May 9, claimed that certain IT unit staff at ECG introduced ransomware to disrupt the system’s proper functioning.
He stated that the ransomware caused the system to fail and that national security intervention was required to identify the staff responsible for the sabotage.
However, the PUWU issued a statement on Monday, May 13, refuting the Vice President’s claims as “inaccurate and misleading.”
The Union further expressed disappointment over the Vice President’s assertion that the incident was a deliberate act by ECG staff to thwart a project beneficial to the company and Ghana.
It said in September 2022, EOCO began a forensic audit on the ECG Power App, requesting the payment platform architecture, databases, API documentation, and the power app custom source code, including backend prepayment systems credentials.
The Union pointed out that EOCO employed third-party IT professionals for the task, implying that ECG IT staff were not the only ones with access to ECG’s ICT infrastructure.
The Union indicated that the first ransomware attack, which occurred on September 28, 2022, was reported to the Cyber Security Authority, as per regulation.
It said following the attack, which was perceived as a national security threat, the National Security took control of the ECG ICT system.
“In the midst of the takeover, the second and most severe of the ransomware attacks occurred on the 11th November 2022, at the time the National Security personnel had both full physical access and software administrative rights to all ECG systems. The National Security arrested and detained some ECG ICT staff for days but were later released.”
But the Union emphasised that it was the ECG ICT staff who led the system recovery effort, working day and night to restore the systems and even assisting National Security operatives on how to operate the ECG systems with support from E-crime Bureau, a cybersecurity firm invited by the ECG Board.
“In all these cases, the systems were restored with the major assistance by the ECG ICT staff. It is therefore factually inaccurate that National Security came in to recover the system, as reported by His Excellency the Vice President.”
