On October 25, the official Twitter account of the city of Johannesburg municipality shared a screenshot according to which the city of Johannesburg shut down its website and billing system after a group hacked into the authority’s system.
In the tweet city said that it had detected a network breach which resulted in unauthorized access to its information system and cyber security experts were investigation the incident. The city’s website had been shut down as a precautionary measure that means customers would not be able transact on e-services or log queries via the city call center or customer services center.
According to a local broadcaster eNCA , the group of hacker, calling themselves Shadow Kill Hacker, demanded a ransom of four bitcoins worth now about $37.000. The hackers then threatened to upload all hijacked data on the internet by October 28 if their crypto-currency ransom isn’t met, the news agency said.
According to the broadcaster, initial report indicate that no-one’s personal data has been compromised by this cyber-attack. According to a spokesperson of the city of Johannesburg, this was a clear and well-planned attack by the hackers. He said:
“According to the team, this attack was detected while at the user level, having not impacted the applications themselves. We are doing everything to restore some of the critical functionalities so that people can transact with the city.”
According to the South African Banking Risk Information Centre, such online attacks were also made on multiple banks that affected public-facing services earlier this week. On October 24, the Standard Bank of South Africa, believed to be attacked by cyber criminals, tweeted:
“You may be finding it difficult to log on to Internet banking and our Banking App at the moment. We’re working to sort this out.”
Similarly on October 23, ABSA tweeted:
“We are aware of the ongoing intermittent issues with our digital channels and our technicians are working on a fix.”
Craig Rosewarne, managing director at information and cyber threat management firm Wolfpack Information Risk, said that as the cyber-attacks are becoming more frequent and sophisticated, many companies and service providers will find themselves poorly equipped to detect and fight such unwanted incidents in future.
According to a blog post by Sowetan Live published on July 25, 2019, Johannesburg City Power’s database and other software’s was also attacked by a virus that restricted the company’s services such buying prepaid electricity.