Commentary – The recent scam that cost Tonga Power Limited $270,000 paʻanga serves as a stark reminder of the growing threat of cybercrime in Tonga.
The fraudsters impersonated a legitimate supplier, convincing the company to transfer funds meant for wind turbine equipment into a fraudulent account, according to the Minister of Police Piveni Piukala.
This incident did not come to light until the actual supplier followed up about the missing payment.
This is not the first time Tonga has fallen victim to such attacks. Just weeks earlier, ANZ Bank Tonga faced criticism from Chief Justice Malcolm Bishop KC for failing to protect a customer from a $244,500 scam.
Despite the bank confirming the fraudulent nature of the email with the customer, it did not take immediate steps to secure the victim’s account, allowing cybercriminals to drain a significant sum.
The situation becomes even more alarming when considering the recent hack of Tonga’s National Health Information System. Cybercriminals breached the system, stole sensitive patient data, and demanded a US$1 million ransom.
Although Tonga refused to pay, the attackers still leaked some of the stolen information onto the dark web, exposing countless individuals to potential harm.
Time to Strengthen Cyber Protections
This attack, along with the scams targeting Tonga Power and ANZ customers, underscores a critical issue: Tonga’s cybersecurity infrastructure is not yet equipped to handle the escalating sophistication of global cyber threats.
These incidents point to several urgent needs. First, there must be comprehensive training for employees in both the public and private sectors to recognise phishing attempts and other fraudulent schemes.
Second, banks and businesses must implement stronger security measures, such as real-time fraud monitoring and multi-step verification for large transactions.
Third, Tonga should consider establishing a national cybersecurity task force, possibly with support from regional partners like Australia and New Zealand, to enhance its ability to prevent and respond to cyberattacks.
Finally, public awareness campaigns are essential to educate citizens on how to protect themselves from online scams.
The bottom line is clear: cybercrime is a growing global problem, and Tonga is increasingly in the crosshairs.
The country can no longer afford to be reactive—it must take proactive steps to strengthen its defences.
Without urgent action, the next cyberattack could be even more damaging.
The question is no longer if another attack will happen, but when—and whether Tonga will be prepared to face it. The time to act is now.
