Department denies R33m ransom claim
THE Department of Justice and Constitutional Development has denied allegations that hackers, who launched a ransomware attack on its information communication technology (ICT) system two weeks ago, have demanded a ransom of R33 million.
This followed a media report suggesting that cyber attackers wanted the department to pay them millions of rand before they could restore the ICT system to its normal operational level.
The department has expressed concern that personal information may have been accessed, saying it was in the process of establishing the exact nature of the data that may have been affected.
Department spokesperson Steven Mahlangu told the Pretoria News, the Daily News sister paper, that the media report about a ransom demand was “inaccurate”, and the concerned media house had agreed to retract it.
Mahlangu said the department was “currently rebuilding its back-up infrastructure, and so far has not experienced any encryption in this regard”.
According to him, further investigation was ongoing to establish the identity of the perpetrators behind the attack. “The director-general and senior management of the department continue to work around the clock to ensure that this challenge is resolved,” he said.
Mahlangu said since the ICT breach by hackers, the department’s IT team, selected industry parties and organs of state, had been “working expeditiously to contain the spread of the malware and bringing up services in a safe and secure manner”.
According to Mahlangu, the department prioritised the payment of maintenance to beneficiaries, saying “the processing of these payments was successfully completed on September 16, 2021 and every workday since, with most beneficiaries having received their payments from September 16 to 20”.
To date, more than 30 000 beneficiaries have been paid.
Mahlangu said: “As part of the department’s business continuity plans, manual processes have been put in place to ensure that courts can operate normally, with manual court recording functionality for court proceedings having been instituted. In the past week the electronic recording of court proceedings had been restored since September 16 and as such most courts are operating as normal.”
He said Master’s offices around the country continued to “as an interim measure, use a manual process to (assist) bereaved families, in exceptional cases, where there is a need to access funds from the deceased’s banking account for burial costs”.
Spokesperson for the Companies and Intellectual Property Commission (CIPC), Charmaine Motloung said the entity had been under threat from cyber attackers; however, its “ICT technicians were alerted to a possible security compromise and as a result, all CIPC systems were shut down immediately” on September 15 and 16.
She said the systems had since been restored and that the shutdown was “a precautionary measure to mitigate any possible damage”.
“The CIPC utilises state-of-the-art security software and any attempts to penetrate the IT environment were promptly picked up and security protocols kicked in to safeguard the system,” Motloung said.
She said the CIPC was pleased that the attempted ICT breach was identified and isolated before any information contained in its records could be compromised. “CIPC staff are attending to delays caused by the shutdown and assure customers that applications and registrations are being processed normally and optimally,” Motloung said.