By Naseerah Nanabhai

31/10/2019

On Thursday the 24th of October, news broke of an apparent hacking of City of Jo’burg systems. A cybercrime syndicate called Shadow Kill hackers is believed to be behind the hack.

They issued a notice that the City of Joburg had until Monday, 28 October, at 17:00, to pay a ransom fee of four Bitcoin tokens (about R500 000).

Agencies like this often use cryptocurrencies in order to make it extremely difficult to trace the culprits receiving the ransom. 

On Monday 28th October at 17:00, the deadline for payment expired, without any payment being made.

Thus far, no information about City of Jo’burg has been released. The systems store sensitive information and the consequences of this attack, if the information were to be leaked, would be exponentially dangerous. 

This is not the first time the city’s systems were attacked. In July this year, City Power improved cybersecurity after being hit by a ransomware virus that temporarily encrypted its computer databases, applications, and network.

So far, the hacking attempt has affected the City of Joburg website that customers use to make payments; e-services systems that process transactions billing systems; and all call centres, including operating systems at walk-in centres.

Attacks like these are common. They happen all the time and all around the world. These attacks range vastly in size and motive. Some are inexperienced individuals trying their luck and others are expert groups with a strategic motive. 

Cities are often targets of cybercrimes like this, as they ran vast networks of connected technology. These are hard to update, manage and patch effectively, making it easy for hackers to attack. 

Often attackers believe that cities may be more inclined to pay the ransom to avoid recovery costs that can be much higher than the ransom fee. 

However, City Power spokespeople told reporters that the attackers “won’t get a cent”. The City is not prepared to pay the ransom.