Business Maverick


Cyber bandits target South Africa: Department of Justice, Space Agency hit by ransomware attacks

Cyber bandits target South Africa: Department of Justice, Space Agency hit by ransomware attacks

Two more South African government agencies, the Department of Justice and the South African National Space Agency, have been hit by ransomware attacks.

The ransomware attacks come just months after state port operator Transnet’s operations were crippled by a cyber attack that tore through its IT system, bringing exports and imports to a near standstill. 

With more people working from home and relying on often insecure internet connections, cyber incursions have become more frequent in SA and around the world. 

In a statement on Thursday, the Department of Justice (DOJ) said its systems had been breached on Monday evening. This led to “all information systems being encrypted and unavailable to both internal employees as well as members of the public”.

“All electronic services provided by the DOJ are affected, including issuing of letters of authority, bail services, email and the departmental website,” the department said. 

The department said its various units had resorted to manual systems, and that court hearings would continue around the country. In the statement, the DOJ refers to phishing emails and “drive-by downloading” as possible origins of the cyber attack. The DOJ did not indicate whether a ransom had been demanded. 

The hit on the DOJ follows a cyber attack on the SA National Space Agency, Sansa, which saw more than 14 gigs of data stolen by a group called CoomingProject, which has posted some of the filched data online. 

A cyber security expert told Business Maverick the files taken by the group from Sansa’s server did not seem to contain sensitive information.

Brett Callow, a threat analyst at anti-virus software company Emsisoft, said CoomingProject seems to be a new player in the ransomware arena, but had already claimed some big scalps. 

“The website appeared about a week ago and we know nothing at all about its operators. To date, they’ve released data which was allegedly hacked from 14 companies in countries including France, Canada, the US and, of course, South Africa,” Callow told Business Maverick.

Sansa performs space research and assists in the building of spacecraft. It also operates the only regional weather warning facility in Africa and a “magnetically clean facility” in Hermanus. The agency did not respond to a request for comment. BM/DM


Comments - Please in order to comment.

Please peer review 3 community comments before your comment can be posted


This article is free to read.

Sign up for free or sign in to continue reading.

Unlike our competitors, we don’t force you to pay to read the news but we do need your email address to make your experience better.

Nearly there! Create a password to finish signing up with us:

Please enter your password or get a sign in link if you’ve forgotten

Open Sesame! Thanks for signing up.

[%% img-description %%]

The Spy Bill: An autocratic roadmap to State Capture 2.0

Join Heidi Swart in conversation with Anton Harber and Marianne Merten as they discuss a concerning push to pass a controversial “Spy Bill” into law by May 2024. Tues 5 Dec at 12pm, live, online and free of charge.

A South African Hero: You

There’s a 99.8% chance that this isn’t for you. Only 0.2% of our readers have responded to this call for action.

Those 0.2% of our readers are our hidden heroes, who are fuelling our work and impacting the lives of every South African in doing so. They’re the people who contribute to keep Daily Maverick free for all, including you.

The equation is quite simple: the more members we have, the more reporting and investigations we can do, and the greater the impact on the country.

Be part of that 0.2%. Be a Maverick. Be a Maverick Insider.

Support Daily Maverick→
Payment options