Bad day for SA’s cyber security as banks suffer DDoS attacks

Read time 2min 50sec

South African banks were targeted by distributed denial of service (DDoS) attacks.

That’s according to the South African Banking Risk Information Centre (SABRIC).

This comes after the City of Johannesburg just said it detected a network breach which resulted in unauthorised access to its information systems.

The incident is currently being investigated by City of Joburg cyber security experts.

As a result, the city says several customer-facing systems – including the city’s Web site, e-services, billing system – have been shut down as a precautionary measure.

“On behalf of the banking industry, we can confirm that as of Wednesday, the 23rd of October 2019, the banking industry has been hit by a wave of ransom driven distributed denial of service attacks, targeting various public facing services across multiple banks,” says SABRIC in a statement.

According to SABRIC, these attacks started with a ransom note which was delivered via e-mail to both unattended as well as staff email addresses, all of which were publicly available.

It notes that threat intelligence which has surfaced has revealed that this is a multi-jurisdictional attack with entities from several countries being targeted and should, therefore, not be viewed as a targeted attack on South African companies only.

“We must emphasise that DDoS attacks like this one do not involve hacking or a data breach and, therefore, no customer data is at risk. It does however, involve increased traffic on networks necessary to access public facing services. This may cause minor disruptions,” says SABRIC.

It adds that robust defensive strategies have been invoked across the industry and we are confident that customer impact will be kept to a minimum.

“Despite our banks' preparedness and resilience, we will continue to monitor this situation very closely and respond as required,” says SABRIC acting CEO, Susan Potgieter.

Meanwhile, Standard Bank earlier this morning blamed “hardware issues” for the outage its platforms suffered yesterday.

The bank says the service disruption was not related to any external factors, noting that no customer data or customer information was impacted.

Anna Collard, managing director from at Popcorn Training, a KnowBe4 company says breaches occur on a regular basis.

“While large ones hit the headlines, small ones are continuous like a dripping tap. This is maily because a lot of the breaches occur at small companies or merchants. The full scale of these breaches can’t be fully appreciated until looked at in totality as this breach shows.”

She says for companies of all sizes, having good security control is absolutely vital. “For the most part, this would mean having the fundamental security controls which can prevent, protect, and respond to threats.

“Beyond that, companies should look at what the biggest threats to them are, and how those threats materialise. In the majority of cases, this will boil down to social engineering attacks, taking advantage of unpatched sofware, or authentication attacks. By investing in these controls, most companies can reduce the likelihood of being successfully compromised.”

Login with