The Department of Justice and Constitutional Development (DOJCD) in South Africa has denied claims that it had received a ransom demand from hackers for 50 bitcoin that had attacked its systems back on September 6th, 2021. Instead, they insisted that its industry partners, tech experts and selected organs of the state were actively working in order to contain the problem and ensure the restoration of the systems that had been compromised in the ransomware attack. The department consequently mentioned in a tweet that the article published on September 20th by Mybroadband was ‘completely untrue’.
The Ministry of Justice and Correctional Services in South Africa explained that the DOJCD wanted to put it on record that they hadn’t received any demand for ransom after the ransomware attack, as suggested in the article Mybroadband published on September 20th, 2021. Thus, the article was not true. However, Mybroadband, the tech news site in South Africa reported that the hackers behind the ransomware attack had demanded around 50 bitcoins in ransom in exchange for restoring access to the systems that were compromised. It was added in the same report that a tech company had subsequently been brought in for attempting to get control of the systems compromised.
The unnamed tech company had examined the ransomware attack and had then advised the DOJCD to pay the ransom and then to use a cloud backup system in the future. If the DOJCD agreed to the ransom demand, they would be able to get control of all electronic services that the department provides. Mybroadband also said in its report that it had requested the DOJCD to shed some more light on the nature of the ransomware attack itself that had been made against its IT system. They said that the department had promised to provide feedback later on.
Meanwhile, the claims by the DOJCD of not receiving a demand for ransom have been questioned by some Twitter users. For instance, one user insisted that the only way to resolve this ransomware attack on its systems was to agree to the demand for ransom. The user said that the ransomware attack meant that they would automatically be provided the bitcoin or altcoin address that has to be paid to in order to get access to the files. That’s why it is called ransomware and there is no other classification that can be made. According to another user, this attack simply highlighted the ineptitude of the people who are currently responsible for overseeing the IT department of the DOJCD.
As a consequence of the ransomware attack, some of the services that are provided by the DOJCD are now being manually provided. However, it was noted by the department that they had managed to recover some functionality of the Mojapay system and they had also managed to process most of the child maintenance systems. Such ransomware attacks that demand the payment of cryptocurrencies in ransom is no longer a new concept. As cryptocurrencies grant anonymity to people, they are being increasingly used for such activities.