Cyber Attack Shuts Johannesburg City Authority’s Network
JOHANNESBURG – Hackers have shut down the cyber network of Johannesburg City Council, targeting computers of local government employees in South Africa’s economic hub, city officials said on Friday. The hackers allegedly demanded ransom in the form of bitcoins in exchange for reactivating internet and email links to the city’s billing systems, local media reported. […]
JOHANNESBURG – Hackers have shut down the cyber network of Johannesburg City Council, targeting computers of local government employees in South Africa’s economic hub, city officials said on Friday.
The hackers allegedly demanded ransom in the form of bitcoins in exchange for reactivating internet and email links to the city’s billing systems, local media reported.
The City of Johannesburg said it could not confirm the authenticity of the ransom demand and that its forensic and IT units were investigating the attack.
Johannesburg is home to 5 million residents and contributes 16% to the country’s total $326 billion national economy.
Officials said the attack on Thursday afternoon via employee computers had affected its call centres, website and online electronic platforms.
“You’re sitting as an employee and then boom, a message appears on your computer screen and it turns blue. You try to reboot, switch off and nothing. Some messages demand money, others threatened to attack employees (physically),” City of Johannesburg spokesman Ntahtise Modingwane said.
“We picked it up quickly and shut the whole system down,” Modingwane said. “We’re working around the clock and the system should be back up during the weekend.”
The city’s electricity distribution company City Power suffered a similar attack in July when a ransomware virus planted in its cyber systems by unknown hackers hit its pre-paid customers, according to local news website News24.
United Kingdom-based tech firm Mimecast said in a report there was 19% increase in ransomware attacks targeting South African companies between 2018 and 2019.
Ransomware is a type of malware that encrypts a victim’s files, with the hacker typically demanding payment to restore access.
SABRIC, the South African Banking Risk Information Centre, confirmed today that as of Wednesday, 23 October 2019, the banking industry has been hit by a wave of ransom-driven Distributed Denial of Service attacks. It said the attacks were not targeted at South Africa and that several countries had been affected. It also said that no customer data was at risk.
(Reporting by Mfuneko Toyana, Editing by William Maclean)