Malawi's Passport System Breached

Uploaded on 2024-03-05 in NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Hackers

For the past three weeks, Malawi has not been issuing passports for what officials said was "a technical glitch".

Now,the government of Malawi has taken the drastic step of suspending the issuance of passports following a cyber attack on the immigration service’s computer network. President Lazarus Chakwera informed Members of Parliament that the cyber attack constituted a grave national security breach, disclosing that the hackers are demanding a ransom.

President Chakwera acknowledged Malawians' unhappiness with the inability to obtain passports, but rejected Sulema's proposal for a cabinet reshuffle, citing a lack of comprehension of the situation. He said the hackers are demanding a ransom, but the Malawi government has no intention of paying as it refuses to "appease criminals" or negotiate "with those who attack our country... We are not in the business of appeasing criminals with public money, nor are we in the business of negotiating with those who attack our country," he said.

This is not the first time the country has had to suspend issuing passports, but this recent pause comes at a time when demand for passports is high, with many citizens migrating for employment opportunity reasons. Last year, the government paused giving out new documents after running out of passport booklets, with an official saying that the problem was being worsened by a shortage of foreign currency.

There have been issues since 2021 when the attorney-general's office terminated a passport contract with Techno Brain, which had been the supplier of Malawi’s passports since 2019, a company that had been offering the service, citing irregularities.

Demand for passports is high in Malawi with many young people looking to migrate in search of job opportunities.

President Chakwera said he had given the immigration department three weeks within which it should provide a temporary solution and resume the issuing of passports, while waiting to regain control of the system. He said a long-term solution with additional security safeguards would be developed. Mr Chakwera only revealed for the first time that the immigration system had been "hacked" without mentioning who the hackers were suspected to be.

No other details have been given about the cyber-attack including the possible implications in terms of personal data security.

Some frustrated Malawians have in the past faulted the government over the continued backlog of applications amid allegations of corruption. Righ now, anyone who does not have a passport or whose passport has expired cannot acquire a new one and therefore cannot travel.

Director general of the Department of Immigration and Citizenship Services, Charles Kalumo, acknowledged citizens' concerns, but was unable to propose a date for passport issuance to resume.

BBC     |     Dark Reading     |     IT Web Africa     |     VOA     |     The Herald     |     Lusaka Times

Image: David_Peterson

You Might Also Read: 

Buy A Dark Web Passport Scan For $15:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Wireless Security In Smart Homes Is Vulnerable
Cyber Security Governance Is A Leadership Responsibility »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Bloombase

Bloombase

Bloombase is the leading innovator in Next-Generation Data Security solutions for Global 2000-scale organizations

Fenror7

Fenror7

Fenror7 lowers the TTD (Time To Detection) of hackers, malwares and APTs in enterprises and organizations from 300 days on average to 24 hrs or less.

Exprivia

Exprivia

Exprivia is active in the design, development and integration of IT systems including cyber security.

Telspace Systems

Telspace Systems

Telspace Systems provides penetration testing, vulnerability assessment and training services.

OSIRIS Lab - NYU Tandon

OSIRIS Lab - NYU Tandon

The Offensive Security, Incident Response & Internet Security Lab (OSIRIS) is a security research environment where students analyze and understand how attackers take advantage of real systems.

J2 Software

J2 Software

J2 Software is a leading African Information Security and ICT business providing information security, governance, risk and compliance solutions.

FFRI Security

FFRI Security

FFRI is committed to research and development of preventing the most advanced cyber-attacks and breaches.

Sapien Cyber

Sapien Cyber

Sapien Cyber is an Australian company bringing leading-edge cyber security and threat intelligence solutions.

Cyber Wales

Cyber Wales

Cyber Wales provides a focus and forum for everyone in the industry, helping businesses come together and collaborate both within Wales and internationally.

Cyber Pathways

Cyber Pathways

Cyber Pathways brings together the next generation of Cyber professionals along with delegates who are looking to cross train and enter the cyber market.

AlJammaz Technologies

AlJammaz Technologies

AlJammaz Technologies is the leading Technology Value-Added Distributor, which distributes advanced technology products, solutions and services in area including networking and cybersecurity.

Valence Security

Valence Security

Valence manages and secures your Business Application Mesh by delivering visibility, reducing unauthorized access and preventing data loss.

Torq

Torq

Torq's no-code automation modernizes how security & operations teams work with easy workflow building, limitless integrations and numerous pre-built templates.

KBE Information Security

KBE Information Security

KBE is a global consulting firm, with offices in Toronto and Milan, which specializes in the area of IT and information security with over 20 years of experience.

American Binary

American Binary

American Binary is a Quantum Safe Networking (TM) and post-quantum encryption company.

Auria

Auria

Auria advances complex space, missile, and cyber operations with visionary solutions and software.