City of Joburg systems are expected to be back online by the end of the weekend, following a cyber attack.
The City on Thursday night announced a breach of its network on and shut down its website and all e-services as a precautionary measure. In a tweet, the City said it had detected a network breach “which resulted in an unauthorised access to our information systems”.
Business Day reported that the attack came hours after the City received a bitcoin ransom note from a group called the Shadow Kill Hackers.
The City further tweeted: “The incident is currently being investigated by City of Joburg cyber security experts, who have taken immediate and appropriate action to reinforce security measures to mitigate any potential impacts.”
Several customer-facing systems, including the City’s website, e-services and billing system were shut down as a precautionary measure. The City said the shutdown would last for 24 hours.
On Saturday, City spokesperson Nthatisi Modingoane confirmed that some of the City’s customer service centres were up and running. Remaining services would be brought slowly back online, he added, saying he expected this would take place by the end of the weekend.
According to Business Day, the note on Twitter came after several city employees received the ransom note, which reads: “All your servers and data have been hacked. We have dozens of back doors inside your city. We have control of everything in your city. We also compromised all passwords and sensitive data such as finance and personal population information.”
The hackers reportedly demand the payment of 4.0 bitcoins by October 28 at 17:00 failing which they will upload all the data on to the internet.
Modingoane confirmed that the threat was detected on a user platform and said the City was investigating whether any customer information had been breached.