As reported by the official account of the South African city of Johannesburg, the capital’s computer systems are offline due to a cyber attack.
Unreachable services include the city’s web page, e-services and the SAP ISU and CRM payment system.
A Twitter user confirmed the cyber attack and provided further information, specifying that the city’s network was attacked by a real criminal group called Shadow Kill Hackers, which previously also hit ABSA, the African bank, and the Standard Bank.
For this cyber attack, a ransom of 4 bitcoins (BTC) was requested, which, in the local currency, that is, the South African Rand, amount to more than R 500 thousand, little more than $30 thousand, thus a small ransom when compared to that of Baltimore, where some other hackers requested as many as 13 bitcoins.
As if that weren’t enough, following this cyber attack, the criminals have informed that, if they don’t receive the ransom, they will publish on the Internet all the credentials and sensitive data of millions of people, which would cause catastrophic damage:
“All your servers and data have been hacked. We have dozens of back doors inside your city. We have control of everything in your city. We also compromised all passwords and sensitive data such as finance and personal population information.”
Clearly, it’s not guaranteed that once the ransom is paid the criminals will refrain from asking for more bitcoins or publishing the compromised data on the Internet, especially because it’s not known if and what was stolen in this cyber attack against Johannesburg.
This is the umpteenth case where a centralised system proves unreliable to handle sensitive data.
Finally, it is clear that attacks on services and facilities, such as the recent attacks on WordPress and an airport, lead to the emergence of a precarious security situation for computer systems.
Given the increase in ransomware, governments should invest much more in cybersecurity, with a view to limiting and reducing this type of attack, since a traditional antivirus is no longer sufficient. As seen before, malware can also hide in simple audio files.