cyber Ransomware

City of Johannesburg

May 11, 2023 1 min read
City of Johannesburg

The internal network of the city of Johannesburg was targeted in a ransomware attack by a hacker group that goes by the name of Shadow Kill Hackers.

The hackers compromised all passwords and sensitive data such as finance and personal population information and had control over everything in your city.

The city authorities immediately shut down all the IT infrastructure, such as websites, payment portals, and other e-services.
'
The hackers however posted a screenshot claiming that they have access to the city's Active Directory and demanded ransom estimated at around $30,000 or 4 bitcoins.

Source: https://www.zdnet.com/article/city-of-johannesburg-held-for-ransom-by-hacker-gang/

TPRM report: https://scoringcyber.rankiteo.com/company/city-of-johannesburg

"id": "cit2326101022",
"linkid": "city-of-johannesburg",
"type": "Ransomware",
"date": "10/2019",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Public Administration',
                        'location': 'Johannesburg, South Africa',
                        'name': 'City of Johannesburg',
                        'type': 'Government'}],
 'data_breach': {'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Passwords',
                                              'Finance information',
                                              'Personal population '
                                              'information']},
 'description': 'The internal network of the city of Johannesburg was targeted '
                'in a ransomware attack by a hacker group that goes by the '
                'name of Shadow Kill Hackers. The hackers compromised all '
                'passwords and sensitive data such as finance and personal '
                'population information and had control over everything in '
                'your city. The city authorities immediately shut down all the '
                'IT infrastructure, such as websites, payment portals, and '
                'other e-services. The hackers however posted a screenshot '
                "claiming that they have access to the city's Active Directory "
                'and demanded ransom estimated at around $30,000 or 4 '
                'bitcoins.',
 'impact': {'data_compromised': ['Passwords',
                                 'Finance information',
                                 'Personal population information'],
            'systems_affected': ['Websites', 'Payment portals', 'E-services']},
 'motivation': 'Financial',
 'ransomware': {'ransom_demanded': '$30,000 or 4 bitcoins'},
 'response': {'containment_measures': 'Shut down all IT infrastructure'},
 'threat_actor': 'Shadow Kill Hackers',
 'title': 'Ransomware Attack on the City of Johannesburg',
 'type': 'Ransomware'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.