South African city of Johannesburg was hit by a ransomware attack last week and certain websites and services are off line.
The city of Johannesburg said in a post Friday its systems had been illegally accessed by hackers, which led to its official website and various services being taken offline. Impacted services include billing, property valuation, land information, health and others.
In another post Monday, the Johannesburg officials said it will not concede to a R400,000 (US$27,467.60) ransom demand by the Shadow Kill Hackers.
Hackers gave the city until 5 p.m. Monday to pay it 4.0 bitcoins or they would leak compromised city data on the Internet.
The city’s finance MMC, Funzela Ngobeni, said on Monday in a published report experts had been working around the clock following a computer network security breach last Thursday.
He said the cyber attack had had a “significant impact on our ability to deliver services to our residents”, but was confident that 80 percent of the service would be reinstated by the close of business on Monday.
Ngobeni said the city had brought in international cyber forensic partners who were using “state-of-the-art forensic tools to get to the bottom of the matter”.
Cyril Baloyi, head of IT in the city, said through extensive investigations they had located the origin of the attack.
Baloyi acknowledged there had been loopholes in the network.
“We are fully aware we do have loopholes in the city of Joburg. We do have already a plan that was approved on October 3, but unfortunately we were hit before our plans could be implemented,” said Baloyi.