The City of Johannesburg has upgraded its ICT systems following the network breach last month.
At the end of October, the city revealed it detected a network breach which resulted in unauthorised access to its information systems.
This led to the city shutting down several customer-facing systems, including the city’s Web site, e-services and billing system as a precautionary measure.
Shadow Kill Hackers – the group behind the hack – then demanded ransom of 4.0 Bitcoin (R545 000), saying: “All your servers and data have been hacked. We have dozens of back doors inside your city. We have control of everything in your city.
“We also compromised all passwords and sensitive data such as finance and personal population information.”
The hackers then demanded the payment of 4.0 Bitcoins by 5pm on 28 October, failing which they would upload all the data onto the Internet.
However, the city said it will not pay the ransom demanded by the hackers.
Giving an update on the hack, the city says: “Although the cyber attack was unfortunate – there is an upside to this. It has presented the city with an opportunity to ensure a swifter upgrade and integration of our systems.”
According to the city, to date, the bulk of its systems have been restored. “We are confident that by the beginning of next week, all services would have been restored and it will be business as usual for the city.”
It points out that over the weekend, the Group Information Communication Technology (GICT) department conducted a final maintenance run on all systems in order to complete the restoration process.
“Going forward, GICT will be moving ahead with the implementation of the cyber security strategy that was approved in September by the group audit committee and executive management team, which will result in massive upgrades to our network security.
“We re-assure you that none of our internal revenue systems were affected. This means our billing is up to date and we hope that by the next billing cycle, all our systems would have been fully restored.
“The reason we continued with a system shutdown was a precautionary measure to limit external infiltration by external forces with criminal intent.”
Share