City of Johannesburg has until 5pm to pay ransom demand - or personal data of citizens will be released

'We have dozens of back doors inside your city. We have control of everything,' warn City of Johannesburg hackers

The City of Johannesburg has until 5pm this afternoon to pay a ransom set by a group of hackers named the 'Shadow Kill Hackers', or risk having the financial and personal data of millions of citizens released online.

According to local reports, the cyber criminals cracked the website on Thursday and threatened to release the financial and personal data of millions of citizens online unless they are paid four bitcoins (over $30,000) by the deadline today.

We have dozens of back doors inside your city. We have control of everything

"All your servers and data have been hacked," hackers said in ransom note, according to several city employees.

"We have dozens of back doors inside your city. We have control of everything in your city. We also compromised all passwords and sensitive data such as finance and personal population information," they further wrote.

After the ransom message was noticed on various systems, authorities ordered the shut down of all the city's IT infrastructure, including payment portals, important official websites, and other e-services.

Later, city officials confirmed in a tweet that they had "detected a network breach" that had enabled hackers to have an unauthorised access to their IT systems.

https://twitter.com/CityofJoburgZA/status/1187476208872636416?ref\\_src=twsrc%5Etfw

Hackers also posted some screenshots on Twitter to show that they had access to the city's Active Directory server. The group also claimed that they had deactivated the DNS server and taken down the City's website.

The cyber security teams of the City are currently investigating the incident. It is not yet clear whether the authority intends to pay the ransom demanded by the hackers.

The incident also coincided with a similar incident in Johannesburg, in which a number of banks reported technical issues, thought to be linked to cyber attacks.

Two banks, Absa and Standard Bank, informed their customers that they were having technical glitches related to their online systems, although no customer data was compromised, according to the South African Banking Risk Information Centre.

Earlier in July, Johannesburg's City Power was also hit by a cyber attack, restricting the ability of customers to pay for their electricity online.

Similar ransomware attacks have also been reported recently in other parts of the world.

Last month, hackers attacked the systems of a southern Spanish city, demanding a Bitcoin ransom to unlock them.

Earlier this month, several hospitals in US and Australia were hit by a ransomware attack, forcing them to shut down their systems and even cancel elective surgeries.

Also this month, the FBI issued a public-service announcement advising organisations not to pay ransomware demands. According to the US law-enforcement agency, paying any ransom only encourages criminals to target more people and demand more money in future attacks.