Cyber Incident Victim: City of Johannesburg
Date:
Oct 2019
Location:
South Africa
Summary
The City of Johannesburg shuts down its website and billing systems after a group hacked into the authoritys system and demanded a ransom of four Bitcoins worth about $30,000.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In October 2019, the City of Johannesburg was hit by a cyber attack that disrupted its billing system and forced it to shut down online payments for several days. The attacker, Shadow Kill Hackers, claimed responsibility for the incident, stating their motive as financial gain.
The incident occurred when the hackers launched an External Denial of Service (DoS) attack against the city's billing system, overwhelming it with traffic and causing widespread disruption to online payments. The city was forced to shut down its online payment platform as a precautionary measure, leaving residents unable to make bill payments or access their accounts online.
The attack is believed to have originated from an unknown location outside of South Africa, with the hackers claiming responsibility through an anonymous message posted on social media. The city's IT department worked around the clock to contain and mitigate the attack, but it was not until several days later that services were fully restored.
The incident highlighted the vulnerability of municipalities to cyber attacks, with many cities across South Africa experiencing similar incidents in recent years. It also underscored the need for greater investment in cybersecurity measures to protect critical infrastructure and systems from such threats.