Johannesburg City Council Network Down Following a Cyber-Attack

  • Johannesburg was attacked by ransomware actors again, and this time the target was the city council.
  • The actors managed to bring all systems down and reportedly asked for a ransom payment in Bitcoin.
  • Currently, no email services are available to the municipality employees, and no billings can be made.

The South African capital suffered a ransomware attack on Thursday afternoon, and it is still in the process of recovering, as reported by Reuters. The attack affected all call centers, websites, and online electronic platforms of the metropolitan municipality of the City of Johannesburg, the economic hub of the country. To get an idea about the critical role that Johannesburg plays for South Africa, this city of five million is contributing 16% of the total national economic activity. That said, the disruption in the city council’s network is actually a noticeable blow to the South African economy.

As reported, the hackers demanded ransom in Bitcoin, but this wasn’t officially confirmed. Right now, the IT teams of the City of Johannesburg are striving to get the city’s billing systems, internet, and email back to a working state. One spokesman of the city council told the press that some messages did indeed demand money, while others threatened to physically harm the employees. Their first response was to shut the whole system down in order to prevent a large scale infection. Up to what level they achieved this remains a question at this point.

Back in July, we saw another case of ransomware hitting Johannesburg again, and more specifically, its electric power producer and distributor, "City Power." The ransomware attack encrypted all of their databases, applications, and network, leaving parts of the city in the dark. Whether or not "City Power" paid the ransom back then wasn’t disclosed, but it could have played a role in the actors’ persistence and targeting of the particular city. The City of Johannesburg is just too neuralgic to have any of its vital systems stay offline for long, and actors know it.

Matt Walmsley, EMEA Director at Vectra, a California-based firm that specializes in AI-backed cybersecurity technologies has provided TechNadu the following comment about the recent incident in Johannesburg: “Extortion is a well-established approach for cyber-criminals and is used through tactics that include threatening denial of service, doxing, and ransomware. In the reported case of the city of Johannesburg, the 4 Bitcoin ($34.5k) ransom is meaningful but not particularly high and so may be pitched at that level to encourage a decision to pay. Cyber-criminals are increasingly making rational economic decisions around targeting organizations and demand ransom levels that they believe will have a higher likelihood of payment. All too often we are reminded that defensive controls are imperfect, and the ability to quickly detect and respond to live attacks that have successfully penetrated an organization can make the difference between a contained incident and damaging breach.”

Have something to comment on the above? Feel free to share your thoughts with us in the section down below, or on our socials, on Facebook and Twitter.

Euro 2024 Qualifiers Live Stream: How to Watch International Soccer Online from Anywhere
The road to Euro 2024 is about to get underway, and Europe’s leading soccer stars will be battling it out to qualify...
How to Watch Redemption Online for Free: Stream the Paula Malcomson Series from Anywhere
Redemption is an upcoming British drama TV series featuring Paula Malcomson. You will find below all the information you may need, including...
How to Watch The Real Murders of Atlanta Season 2 Online from Anywhere
The Real Murders of Atlanta is back with a new set of episodes in Season 2, and we have the premiere date,...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari