Hackers Demand Ransom After Stealing Johannesburg's Data

Johannesburg is a world class city on a booming continent and a pan-african financial powerhouse.  It is also a repeat victim of hackers who at least twice in three months have shut down important city services and networks. 

In a targeted ransomware attack, hackers first took down the city's computer network on October 24th, stealing data from the city and threatening to release it unless the ransom payment is made. The city's IT team was still trying to restore critical systems days after the event, since its call center, website and e-services platform were all taken down in the attack. 

The group behind the attack, going by the name of Shadow Kill Hackers, is demanding a payment of four Bitcoin ($39,457) to prevent the release the data it has stolen. The group claims the data includes passwords and other sensitive data, such as finance and personal population information. Attempts were made to track down the hackers through details they gave on how to pay the bitcoins.

According to the ransom note, if the payment is made the data will be destroyed and the group will provide details to Johannesburg’s information technology staff on how it managed to steal the data, plus related security issues on the city’s network. 

The attack on South Africa’s main financial center, accounting for 16% of the country’s gross domestic product, has also delivered a noticeable blow to the country’s economy. 

This isn’t the first attack targeting Johannesburg. City Power, the city-owned electricity provider, was crippled by ransomware in July 2019. Two apparently separate groups of hackers are threatening to close down the finance sector and local government at a time when South Africans would be paying municipal bills and gaining access their bank accounts.

The banking industry was hit recently by a wave of DDOS attacks and this the attackers claimed in their ransoms was a small sample of what was to come. 

“This small attack was big and guys are busy installing systems to mitigate the coming attack,” said local cybersecurity expert Jacques van Heerden, who has knowledge of the cyberattack. 

 

Independent IOL:          Silicon Angle:            Technology Review

You Might Also Read: 

South African Cybercrime Is Advancing Fast:

US City Of Atlanta Suffers An Attack:

 

« 2020 Will Be A Landmark Year For AI
Easy Cyber Knowledge Ch.5 : Robotics AI And BioTech »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ThaiCERT

ThaiCERT

ThaiCERT is the national Computer Security Incident Response Team (CSIRT) for Thailand.

Sucuri

Sucuri

Sucuri have offered holistic website security solutions since 2008 including malware removal, malware monitoring and website protection services.

Yubico

Yubico

Yubico sets new global standards for simple and secure access to computers, mobile devices, servers, and internet accounts.

My Data Recovery Lab

My Data Recovery Lab

We recover data from: HDDs, RAIDs, NAS, SSDs, USB Flash Devices, Desktop Computers, Mobile devices and other data storage media.

X-act Forensics

X-act Forensics

X-act forensics are computer forensic experts with experience in cases of computer fraud, intellectual property theft, and social networking cases.

Simula Research Laboratory

Simula Research Laboratory

Simula Research Laboratory carries out research in the fields of communication systems, scientific computing and software engineering.

CyberInsureOne

CyberInsureOne

At CyberInsureOne, we break down the complex world of cyber insurance, and connect you with providers that can give you and your company peace of mind.

Inceptus

Inceptus

Inceptus is a next generation Managed Security Service Provider (MSSP). We are dedicated to keeping our customers safe, secure and protected while doing business on the Internet.

David Hayes-Export Controls

David Hayes-Export Controls

David Hayes-Export Controls provides assistance to companies affected by export controls or who are considering entering the market but are unsure of the commercial and regulatory implications.

DataPassports

DataPassports

DataPassports is a data-centric security and privacy solution that enforces privacy and security from end-to-end with transparent protection of data at the source.

Razorpoint Cybersecurity

Razorpoint Cybersecurity

Razorpoint’s world-class security experts have provided advanced, effective cybersecurity expertise to corporate and public-sector organizations around the world.

FYEO

FYEO

FYEO is a threat monitoring and identity access management platform for consumers, enterprises and SMBs.

Verisign

Verisign

Verisign is a Global Leader in Domain Names & Internet Security, providing protection for websites and enterprises around the world.

Core4ce

Core4ce

Core4ce is a mission-oriented company that serves as a trusted partner to the national security community.

Total Secure Technology

Total Secure Technology

Total Secure Technology provides trusted Managed IT Security and Managed IT Services for organizations looking to increase their cybersecurity defensive posture.

InQuest

InQuest

InQuest specialize in providing comprehensive network-based security solutions that empower organizations to protect their most critical assets: their people.