JOHANNESBURG - The Johannesburg city council said it had detected a network breach which resulted in unauthorised access to its information systems.
In a statement posted on its Twitter account late on Thursday, the city said cyber security experts were investigating the incident and had taken immediate and appropriate action to reinforce security measures and mitigate any potential impact.
"As a result several customer facing systems - including the city's website, e-services, billing system ... have been shut down as a precautionary measure," it said.
Reports further indicated that the hack had also affected several banks. Standard Bank and ABSA had also reported issues with customers having difficulty logging onto their digital channels.
The hackers reportedly demanded the payment of 4.0 bitcoins by October 28 at 17:00 failing which they will upload all the data on to the internet.
According to Standard Bank's head of media relations, Ross Linstrom, the internet banking downtime that users experienced yesterday was not related to the hack on the City of Joburg.
Linstrom said, "Yesterday Standard Bank experienced technical difficulties with some of its online transactional platforms. This included the Mobile Banking App, Online Share Trading and Internet Banking platforms. The problem was detected just before 10h00 on Thursday morning and was resolved at 12:30. The cause of the service disruption was due to an internal hardware issue that impacted on some of the customer facing services that Standard Bank offers its clients. The service disruption was not related to any external factors. No customer data or customer information was impacted."
Linstrom further said that customers who were trying to access the impacted Standard Bank applications could still conduct their banking activities by making use of Standard Bank’s Cell Phone Banking service by dialling *120*2345#, using ATMs, debit or credit card.
"Standard Bank extends its apologies to customers who have been inconvenienced by the down time. Customers can follow @StandardBankZA on Twitter for further updates."
According to Nathalie Schooling, Customer Experience specialist and CEO of nlighten, this is a warning and reality check for SA businesses, organisations and government services.
Schooling said, "Cyber security should be considered a very real threat with serious consequences for both business and customer."
We are aware of the ongoing intermittent issues with our digital channels and our technicians are working on a fix. We will let you know as soon as that is resolved and we're up and running again. Apologies for any inconvenience caused.
— Absa South Africa (@AbsaSouthAfrica) October 23, 2019
The city of Joburg is under a cyber attack, wow hectic! pic.twitter.com/L221AkWBGG
— The Bank of Sweden 🇸🇪 (@Sandilebanks) October 24, 2019
Update: Our Internet Banking and Banking App services have been fully restored. Thank you for your patience and we apologise for any inconvenience caused.
— StandardBankZA (@StandardBankZA) October 24, 2019
The City has detected a network breach in its systems ^TK pic.twitter.com/r43iiJiUya
— City of Joburg (@CityofJoburgZA) October 24, 2019
Anna Collard, Managing director from at Popcorn Training, a KnowBe4 company said, "Breaches occur on a regular basis. While large ones hit the headlines, small ones are continuous like a dripping tap. This is mainly because a lot of the breaches occur at small companies or merchants. The full scale of these breaches can’t be fully appreciated until looked at in totality as this breach shows."
"For companies of all sizes, having good security control is absolutely vital. For the most part, this would mean having the fundamental security controls which can prevent, protect, and respond to threats. Beyond that, companies should look at what the biggest threats to them are, and how those threats materialise. In the majority of cases, this will boil down to social engineering attacks, taking advantage of unpatched sofware, or authentication attacks. By investing in these controls, most companies can reduce the likelihood of being successfully compromised," Collard concluded.