Major South African agencies become the target of cyber attackers
The South African government agencies, including the Department of Justice and the South African National Space Agency, experienced ransomware attacks.
The attacks are noted months after Transnet, the state port operator’s processes, were disturbed by a cyberattack on its IT system, leading to a halt to the exports and imports.
Since the people are now relying on many insecure connections for facilitating their work from home procedures, South Africa, along with other nations, is facing a rise in the number of attacks.
The Department of Justice (DOJ), in a statement, claimed a breach on its systems where these were encrypted and hence unavailable to internal staff along with the members of the public. The department further highlighted that the electronic services offered by them are affected. This includes the issuance of letters of authority, bail services, along with email and departmental website.
The department also claimed that many of its units had shifted to manual systems as a resort. In light of this, court hearings would carry on around the country. The DOJ holds phishing emails and drive-by downloading responsible for the cyberattack. It, however, did not specify if a ransom had been demanded.
The hit on the DOJ is not alone. This follows an attack on Sansa, the SA National Space Agency. The company experienced the stealing of more than 14 gigs of data stolen by CoomingProject, where the attacker has posted some of the data online.
Also Read: New Zealand’s key institutions under attack
Sansa, founded in 2010, carries out space research and helps in spacecraft building. It also has the operation of the regional weather warning entity in Africa and a magnetically clean facility in Hermanus to its credit.
According to a cyber security expert, the files stolen from Sansa’s server did not hold sensitive information.
As per Brett Callow, a threat analyst at Emsisoft, CoomingProject is new in the ransomware arena but has big actions to its credit already.
Callow also said that the website came into the limelight a week ago, and so nothing is known about its operators. Till today they have released data which was hacked from different companies in different countries. These include France, Canada, the US, and South Africa.