The Latest / Data Security News

Johannesburg Cyber Attack: City Refuse to pay Ransom

November 5, 2019

The city of Johannesburg at the end of last month was hit by a cyber attack. While not a ransomware attack like we know it, the goal of the hackers was to elicit a ransom from the city. But in the face of downed systems and threats, the city has refused to pay any ransom and is attempting to get its systems back online.

Johannesburg Cyber Attack City Refuse to pay Ransom

A strong stance

The hackers behind the cyber attack call themselves the ‘Shadow Kill hackers’. They claimed to have dozens of ‘back doors’ inside the city’s systems. They have caused issues, forcing systems to shut down. While they might not be using ransomware exactly, they are certainly using its tactics. Half of the tactics of ransomware attacks are all about scaring their targets. The group claimed to have compromised all passwords and sensitive and financial information of all the city’s population.

They demanded a ransom of four bitcoins, the equivalent of $36,000, by 5pm on the 25 October. However, Funzela Ngobeni, a city council member said:

“The city will not concede to their demands for bitcoins, and we are confident that we will be able to restore systems to full functionality.”

No ransom was paid and last reported, 80 per cent of the city’s system were back online. The threats and fear the hackers tried to instill in the city have not worked.

Responding to attacks

Of course, it would be more ideal if the council’s system were never broken into in the first place – hopefully an investigation into how that happened will take place – you cannot fault the response. If I were a citizen of Johannesburg, I would much rather systems were down for a few weeks than see my local government give into such demands. If they did, it would only encourage repeat attacks in the future.

With attacks like this on the rise, more examples of not paying ransoms are needed. One survey by British Insurers found that ransomware-based attacks increased 37 percent in Q3 of 2019 over Q2. Johannesburg city responded in the right way, and hopefully others will follow suit in the future.

All types of organizations can be a target of cyber attacks. Organizations desperately need the right solutions to prevent attacks, and to respond quickly if something does break through. Combine that with an attitude that refuses to pay scared into paying ransoms, and organizations will be on the right path.

Learn why organizations protected by Global Data Sentinel don’t pay ransom demands.