Malawi's Passport System Breached

Uploaded on 2024-03-05 in NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Hackers

For the past three weeks, Malawi has not been issuing passports for what officials said was "a technical glitch".

Now,the government of Malawi has taken the drastic step of suspending the issuance of passports following a cyber attack on the immigration service’s computer network. President Lazarus Chakwera informed Members of Parliament that the cyber attack constituted a grave national security breach, disclosing that the hackers are demanding a ransom.

President Chakwera acknowledged Malawians' unhappiness with the inability to obtain passports, but rejected Sulema's proposal for a cabinet reshuffle, citing a lack of comprehension of the situation. He said the hackers are demanding a ransom, but the Malawi government has no intention of paying as it refuses to "appease criminals" or negotiate "with those who attack our country... We are not in the business of appeasing criminals with public money, nor are we in the business of negotiating with those who attack our country," he said.

This is not the first time the country has had to suspend issuing passports, but this recent pause comes at a time when demand for passports is high, with many citizens migrating for employment opportunity reasons. Last year, the government paused giving out new documents after running out of passport booklets, with an official saying that the problem was being worsened by a shortage of foreign currency.

There have been issues since 2021 when the attorney-general's office terminated a passport contract with Techno Brain, which had been the supplier of Malawi’s passports since 2019, a company that had been offering the service, citing irregularities.

Demand for passports is high in Malawi with many young people looking to migrate in search of job opportunities.

President Chakwera said he had given the immigration department three weeks within which it should provide a temporary solution and resume the issuing of passports, while waiting to regain control of the system. He said a long-term solution with additional security safeguards would be developed. Mr Chakwera only revealed for the first time that the immigration system had been "hacked" without mentioning who the hackers were suspected to be.

No other details have been given about the cyber-attack including the possible implications in terms of personal data security.

Some frustrated Malawians have in the past faulted the government over the continued backlog of applications amid allegations of corruption. Righ now, anyone who does not have a passport or whose passport has expired cannot acquire a new one and therefore cannot travel.

Director general of the Department of Immigration and Citizenship Services, Charles Kalumo, acknowledged citizens' concerns, but was unable to propose a date for passport issuance to resume.

BBC     |     Dark Reading     |     IT Web Africa     |     VOA     |     The Herald     |     Lusaka Times

Image: David_Peterson

You Might Also Read: 

Buy A Dark Web Passport Scan For $15:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Wireless Security In Smart Homes Is Vulnerable
Cyber Security Governance Is A Leadership Responsibility »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Certification Europe

Certification Europe

Certification Europe (now Amtivo Ireland) is an accredited certification body which provides ISO management system certification, including ISO 27001.

CONCERT

CONCERT

CONCERT is a Computer Emergency Response Team and cyber security information sharing network for companies, institutes and government in Korea.

Samsung Knox

Samsung Knox

Samsung Knox brings multi-layered defence-grade security to your business’s smartphones and tablets.

Snyk

Snyk

Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world.

CyberSec.sk (CSSk)

CyberSec.sk (CSSk)

CyberSec.sk is the Slovak portal bringing the latest cyber security news, politics, tips and instructions on how to protect the internet.

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC) is one of the most distinguished Cybersecurity, Privacy and Information Security Conference in Thailand and Southeast Asia.

National Center for Manufacturing Sciences (NCMS) - USA

National Center for Manufacturing Sciences (NCMS) - USA

NCMS is a cross-industry technology development consortium, dedicated to improving the competitiveness of the US industrial base. Strategic initiatives include industrial cyber security.

Anglo African

Anglo African

Anglo African is an information technology firm providing end-to-end solutions to different industries, from IT Infrastructure to DataCom as well as Cloud & InfoSec services.

Automox

Automox

Remediate vulnerabilities 30X faster than the industry norm – and dramatically reduce your risk with simple, fast, and cloud-native endpoint hardening from Automox.

Siege Technologies

Siege Technologies

Siege Technologies is a pioneer of multi-purpose cybersecurity products and services that enable customers to leverage both offensive and defensive technologies.

Digistor

Digistor

Digistor is a leading manufacturer of industrial-grade flash storage products, secure storage products, and Removable Secure Data Storage.

EDGE Group

EDGE Group

EDGE is one of the world’s leading advanced technology groups, established to develop agile, bold and disruptive solutions for defence and beyond.

Resilience Cyber insurance

Resilience Cyber insurance

Resilience helps to improve cyber resilience by connecting cyber insurance coverage with advanced cybersecurity visibility and a shared plan to reinforce great cyber hygiene.

Association of Azerbaijani Cyber Security Organizations (AKTA)

Association of Azerbaijani Cyber Security Organizations (AKTA)

The Association of Azerbaijani Cyber Security Organizations (AKTA) is a non-commercial organization aimed at strengthening the country's cybersecurity system.

Cynical Technology

Cynical Technology

Cynical Technology is a Nepalese cybersecurity company with expertise in security consulting, auditing, testing and compliance.

Razilio

Razilio

Razilio is a boutique cybersecurity consultancy located in Sydney, Australia and serving the world.