Johannesburg, South Africa's largest city, has come under a distributed denial-of-service (DDoS) attack resulted in unauthorized access to its system information, now dealing with the second major breach to its network in three months.
According to local media reports and a widely circulated ransom note, a group calling itself Shadow Kill Hackers is demanding 4 Bitcoin, or roughly $34,000, to the city’s servers. Previously in July, the city was hit by another ransomware which infected the IT networks of a utility that provided power to the city, forcing the company to rebuild some of its computer systems.
According to cybersecurity company, Kaspersky in 2018, South Africa was ranked second among countries with the most banking malware infections on Android devices.
It's imperative for cybercrime investigators and analysts to unmask cyber criminals through identity attribution focusing to catch the culprit and their cohorts rather than playing the repetitive game of defensive whack-a-mole. Read more on the proactive approach of Modern-Day Manhunt: Operationalizing Cyber Attribution.
Public-facing services of multiple financial institutions were on Wednesday hit by a wave of “ransom-driven” DDoS attacks, according to the South African Banking Risk Information Centre (SABRIC), an association of banks focused on combating crime. The attackers aren’t deploying ransomware, but instead are using DDoS attacks to demand a fee to stop inundating victims with web traffic. SABRIC did not disclose the size of the extortion fee.