


SA Courts Hit By Ransomware Hack. Sensitive Witness Info Might Be Compromised And R 33 Million Gone

Hackers have taken down vital systems at magistrate's courts across the country, as the fallout from the three-week-old cyber-attack on the Department of Justice begins to show and threatens to paralyze the criminal justice system.

The loss of their email system, according to two prosecutors who spoke to News24 on the condition of anonymity, rendered contact impossible.

Court officials were now cut off from the outside world, utilizing voice-over-internet phone lines, and court clerks were tasked with making CDs to safely archive courtroom audio recordings.

"We can't even send an email," one National Prosecuting Authority (NPA) source stated, adding that "the entire workforce and [the] workflow are affected."

Because the Department of Justice systems are still down, a note was sent out to court personnel in Durban explaining how clerks should store trial audio recordings on CD.

"Magistrates should please guarantee that clerks are making CDs as backups in all trial matters," the memo states.

He expressed concern that an online DOJ system used to plan travel and lodging for witnesses in criminal prosecutions was also down, potentially prolonging a procedure that had already taken weeks. On September 6, the Department of Justice stated that its computers had been infected with ransomware.

In a ransomware attack, hackers install harmful software on computers to restrict users from accessing their data. Some of the hardest attacks to deal with occur when cybercriminals encrypt vital data with unbreakable algorithms, thereby locking users out of their own systems.

The DOJ hack has resulted in this depressing outcome.

"As a result, all information systems have been encrypted and are unreachable to both internal staff and members of the public," according to a statement made a week after the incident.

While the agency was hazy about the scope of the cyberattack, it did say that all online services had been rendered unusable and that divisions across the massive state organization were resorting to paper operations. The systems of the Department of Justice, as well as the Information Regulator and the South African National Space Agency, were all compromised.

Hackers had already dealt a hammer blow by encrypting data, according to cybersecurity experts, and prospects of recovering it ranged from limited to none. According to Jason Jordaan, lead forensic analyst of DFIRLABS, the attack's lack of transparency belied the gravity of the breach.

"Regardless of which method or version of ransomware was employed, the fact that systems were shut down for such a long length of time indicates that the attack was significant. They're probably feverishly scrambling to restore their data at this point," Jordaan added.

"Depending on the version of ransomware you're dealing with, the chances of retrieving anything range from slim to a snowball's chance in hell," according to the report, which also claims that brute force decryption [without a key] would take "thousands of years."

On Tuesday, News24 posed queries to the Department, which issued a statement in response. It explained how courts had been manually documenting hearings but that in most regions, electronic recording had been restored. The Masters Office and Guardian's Fund documents are generally inaccessible.

"This incident is being investigated as a crime by the Department. The intrusion was notified to the appropriate law enforcement agencies as early as September 10th. In this regard, the Department is actively collaborating with law enforcement agencies," it states.

The Department also stated that it was still determining the extent to which personal information had been compromised, and that it was strengthening ICT security. Surprisingly, it denied that its servers and backups had been encrypted, contradicting a previous declaration.

The department denied receiving a ransom demand in the amount of 50 bitcoins, which is almost R33 million. The attack occurs at a time when state governments have been identified as potential targets. After a cyber-attack in July, Transnet claimed force majeure. In October of last year, the Office of the Chief Justice was hacked.

The DOJ should cut their losses on the hacked data, according to Stephen Osler of cybersecurity firm Nclose.

"People must realize how devastating these incidents may be. The criminal gangs behind these malware attacks want to infiltrate any environment they can to the maximum extent feasible in order to justify paying a ransom. This entails encrypting all vital servers, wiping out all backups, and bringing the company or organization to its knees."

"It's perfectly common for an offensive event of this magnitude that they [the Department of Justice] are still affected three weeks after the original strike."

"We know of organizations that are still suffering months after an assault, and it takes a long time to recuperate and get the organization back on track. If you're lucky, you'll have solid business processes in place, and you'll be able to pivot and recover using these."


Content created and supplied by: NewsAmple (via Opera News)
