South Africa’s Justice Department suffered a massive ransomware attack earlier this month and is reportedly still trying to get its operations back to normal. The attack took place on September 6, 2021, when the ransomware encrypted all information systems provided by the department. This made all electronic services – including email and website – unavailable to internal staff and the public. According to a report from Bleeping Computer, the Justice Department immediately dealt with the attack by activating a contingency plan. The plan was a measure to deal with such situations and ensure that all activities in the country were not disrupted by the attack.
NS ransomware Encryption also affected the distribution of monthly child maintenance payments to beneficiaries. Activity will be delayed until the system is fully restored.
NS report good Steve Mahlangu, spokesman for the Department of Justice and Constitutional Development, said:[The attack] Has encrypted all information systems and is unavailable to both internal staff as well as members of the public. Consequently, all electronic services provided by the Department are affected, including issuance of letters of authorization, bail services, e-mails and departmental websites.
Mahalangu said that although the exact date of restoration of the system cannot be predicted, the department “will ensure that all child maintenance funds are kept safe for payment to the correct beneficiaries once the system is online.”
Mahlangu, however, said that despite the attack some activities were going on under the department. For example, court meetings continued after switching to manual mode for recording hearings. Similarly, manual procedures were being followed for issuance of various legal documents.
The Justice Department also switched to a new email system. A part of the staff has already migrated to the new email system.
The department has not been able to identify the hackers behind this attack. However, given that network restoration is taking a long time, it assumes that the hackers did not get paid for the attack.
Typically, hackers and ransomware gangs steal data before the information system is encrypted. This forces the victims to pay a huge ransom amount as they fear the leak of information into the public domain. However, IT experts from the department have found “no sign of data compromise” so far.
.