https://www.bleepingcomputer.com/news/security/ransomware-encrypts-south-africas-entire-dept-of-justice-network/ BleepingComputer.com logo * * * [ ] [Login] [Sign up] * * * [ ] [Login] [Sign up] * News + Featured + Latest + Microsoft rolls out passwordless login for all Microsoft accounts Microsoft rolls out passwordless login for all Microsoft accounts + Google Chromebook bug causes black screens after login Google Chromebook bug causes black screens after login + Millions of HP OMEN gaming PCs impacted by driver vulnerability Millions of HP OMEN gaming PCs impacted by driver vulnerability + Windows 10 KB5005565 & KB5005566 cumulative updates released Windows 10 KB5005565 & KB5005566 cumulative updates released + Microsoft fixes critical bugs in secretly installed Azure Linux app Microsoft fixes critical bugs in secretly installed Azure Linux app + Ransomware encrypts South Africa's entire Dept of Justice network Ransomware encrypts South Africa's entire Dept of Justice network + MikroTik shares info on securing routers hit by massive Meris botnet MikroTik shares info on securing routers hit by massive Meris botnet + Ransomware gang threatens to wipe decryption key if negotiator hired Ransomware gang threatens to wipe decryption key if negotiator hired * Downloads + Latest + Most Downloaded + Qualys BrowserCheck Qualys BrowserCheck + STOPDecrypter STOPDecrypter + AuroraDecrypter AuroraDecrypter + FilesLockerDecrypter FilesLockerDecrypter + AdwCleaner AdwCleaner + ComboFix ComboFix + RKill RKill + Junkware Removal Tool Junkware Removal Tool * Virus Removal Guides + Latest + Most Viewed + Ransomware + How to remove the PBlock+ adware browser extension How to remove the PBlock+ adware browser extension + Remove the Toksearches.xyz Search Redirect Remove the Toksearches.xyz Search Redirect + Remove the Smashapps.net Search Redirect Remove the Smashapps.net Search Redirect + Remove the Smashappsearch.com Search Redirect Remove the Smashappsearch.com Search Redirect + Remove Security Tool and SecurityTool (Uninstall Guide) Remove Security Tool and SecurityTool (Uninstall Guide) + How to remove Antivirus 2009 (Uninstall Instructions) How to remove Antivirus 2009 (Uninstall Instructions) + How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo + How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller + Locky Ransomware Information, Help Guide, and FAQ Locky Ransomware Information, Help Guide, and FAQ + CryptoLocker Ransomware Information Guide and FAQ CryptoLocker Ransomware Information Guide and FAQ + CryptorBit and HowDecrypt Information Guide and FAQ CryptorBit and HowDecrypt Information Guide and FAQ + CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ * Tutorials + Latest + Popular + How to make the Start menu full screen in Windows 10 How to make the Start menu full screen in Windows 10 + How to install the Microsoft Visual C++ 2015 Runtime How to install the Microsoft Visual C++ 2015 Runtime + How to open an elevated PowerShell Admin prompt in Windows 10 How to open an elevated PowerShell Admin prompt in Windows 10 + How to Translate a Web Page in Google Chrome How to Translate a Web Page in Google Chrome + How to start Windows in Safe Mode How to start Windows in Safe Mode + How to remove a Trojan, Virus, Worm, or other Malware How to remove a Trojan, Virus, Worm, or other Malware + How to show hidden files in Windows 7 How to show hidden files in Windows 7 + How to see hidden files in Windows How to see hidden files in Windows * Deals + Categories + eLearning eLearning + IT Certification Courses IT Certification Courses + Gear & Gadgets Gear + Gadgets + Security Security * Forums * More + Startup Database + Uninstall Database + File Database + Glossary + Chat on Discord + Send us a Tip! + Welcome Guide * Home * News * Security * Ransomware encrypts South Africa's entire Dept of Justice network * * Ransomware encrypts South Africa's entire Dept of Justice network By Ionut Ilascu * September 15, 2021 * 03:35 PM * 0 Ransomware attack delays child support payment in South Africa The justice ministry of the South African government is working on restoring its operations after a recent ransomware attack encrypted all its systems, making all electronic services unavailable both internally and to the public. As a consequence of the attack, the Department of Justice and Constitutional Development said that child maintenance payments are now on hold until systems are back online. All services affected The incident happened on September 6 and the department activated the contingency plan for such events to ensure the continuation of some activity in the country. "[The attack] has led to all information systems being encrypted and unavailable to both internal employees as well as members of the public. As a result, all electronic services provided by the department are affected, including the issuing of letters of authority, bail services, e-mail and the departmental website" - Steve Mahlangu, spokesperson for the Department of Justice and Constitutional Development Last week, Mahlangu said that court sittings continued after a switch into manual mode for recording the hearings. A manual process has also been adopted for issuing various legal documents. However, the ransomware attack impacted monthly child maintenance payments, which have been delayed until the systems are restored. "While the department is not able to determine the exact date when the required systems will be restored, it will ensure all child maintenance money is kept secure for payment to the rightful beneficiaries when the systems are back online" - Steve Mahlangu The department is still in the process of returning to regular operations but it is cannot say when the activity will become normal again. Part of this effort was setting up a new email system, to which some staff has already migrated. Coupled with the long time needed for network restoration, this is a sign that the hackers did not get paid. It is unclear who is behind this attack. Many ransomware gangs also steal data before encrypting it, to force the victim into paying the ransom under the pressure of a public leak. Mahlangu said last week that the Department's IT experts have found "no indication of data compromise." Until now, the attack has not been claimed by any of the gangs with a data leak site. Related Articles: Ransomware gang threatens to wipe decryption key if negotiator hired Going beyond backup: Acronis True Image is now Acronis Cyber Protect Home Office BlackMatter ransomware hits medical technology giant Olympus REvil ransomware is back in full attack mode and leaking data The Week in Ransomware - September 10th 2021 - REvil returns * Ransomware * * * * * Ionut Ilascu Ionut Ilascu is a technology writer with a focus on all things cybersecurity. The topics he writes about include malware, vulnerabilities, exploits and security defenses, as well as research and innovation in information security. His work has been published by Bitdefender, Netgear, The Security Ledger and Softpedia. * Previous Article * Next Article Post a Comment Community Rules You need to login in order to post a comment [Login] Not a member yet? Register Now You may also like: [INS::INS] [Bleeping_Computer_CFM_2021] Popular Stories * Apple Apple fixes iOS zero-day used to deploy NSO iPhone spyware * Microsoft Patch Tuesday Microsoft September 2021 Patch Tuesday fixes 2 zero-days, 60 flaws Newsletter Sign Up To receive periodic updates and news from BleepingComputer, please use the form below. [ ] [Submit] [acronis-cy] Newsletter Sign Up [ ] [Submit] * Follow us: * * * * Main Sections * News * Downloads * Virus Removal Guides * Tutorials * Startup Database * Uninstall Database * File Database * Glossary Community * Forums * Forum Rules * Chat Useful Resources * Welcome Guide * Sitemap Company * About BleepingComputer * Contact Us * Send us a Tip! * Advertising * Write for BleepingComputer * Social & Feeds * Changelog Terms of Use - Privacy Policy - Ethics Statement Copyright @ 2003 - 2021 Bleeping Computer^(r) LLC - All Rights Reserved Login Username [ ] Password [ ] [*] Remember Me [ ] Sign in anonymously [Login] Sign in with Twitter button Sign in with Twitter --------------------------------------------------------------------- Not a member yet? Register Now Reporter Help us understand the problem. What is going on with this comment? * ( )Spam * ( )Abusive or Harmful * ( )Inappropriate content * ( )Strong language * ( )Other [ ] * [ ] Read our posting guidelinese to learn what content is prohibited. Submitting... SUBMIT