It is sad when a party loses talented people. It is sadder when one has worked for decades to build a party to see it teetering on the brink of a major setback.
Multimedia · User Galleries · News in Pictures
Send us your pictures · Send us your stories
In the hidden world of cyber-crime nothing is guaranteed. Who knows what the actual intentions are of the Shadow Kill Hackers, asks Matthew Gaskel.
If you haven't been too distracted by the rugby dominated
headlines this weekend you might have noticed that there was a "network
breach" at the City of Johannesburg. What this means is that if you browsed
for Joburg.org.za on your cell phone or computer you would not (and at the time
of writing this article) would STILL NOT have been able to view the website or access
the information that it provides.
This is because a group calling themselves the Shadow Kill Hackers (most awesome name ever) were able to access the City's network and
turn off the website, similar to someone stealing your phone and deleting your Instagram
As a business analyst with Synthesis Software Technologies
(a home grown South African software solution provider) we understand that
these situations are key to understanding how the IT landscape is evolving and
what the risks for each organisation and person might be. Whether we choose to
be more or less connected and engaged in technology, it has become critical to
our functionality. And that means that we are all vulnerable.
READ | Notorious hacker shuts down government website... again
So why did the hack happen?
Attacks like these happen all the time and all around the
world. These attacks range vastly in size and motive. From small so-called
script kiddies trying their luck through to highly skilled, state sponsored organisations
with a strategic motive to cause real harm. The latter was behind famous cyber-attacks
such as NotPetya or WannaCry which derailed logistics giant Maersk and its entire
global network costing the company billions.
The Shadow Kill Hackers are somewhere in the middle. They are
black hat hackers who look for system vulnerabilities around the world and extort
the system owners for monetary gain, usually in the form of bitcoin. However,
their intentions are not as menacing and sinister as on first appearance.
As much as their motive is to receive a monetary ransom,
they are generally willing to return all the stolen information as well as a
detailed description of how they were able to hack the website. Imagine it
comparable to how successful bank robbers would return the stolen loot as well
as a comprehensive plan of how they broke into the bank vault.
This detailed description of the hack would assist the
system administrators of the City's website to repair any vulnerabilities and prevent
future attacks. They play both the good guy and the bad guy in this
There is actually a legitimate form of this practice called bug
bounties. This is where massive multinational enterprises such as Google and Capital
One offer rewards (a bug bounty) to hackers who are able to exploit unknown vulnerabilities.
Hackers such as Tommy DeVoss and Santiago Lopez are able to earn seven-figure
pay cheques from these bug bounties.
What are the consequences?
At 17:00 on Monday the deadline for paying the 4.0 bitcoins (roughly R500 000) expired with the City not paying ransom. Organisations like
this use crypto currencies in order to make it extremely difficult to trace the
culprits receiving the ransom. The Shadow Killer team have proven themselves capable
of following through with their promises when they released the passwords from
their previous hack on First Group Management SA. With the City of Joburg
storing much more sensitive information the consequences of this attack if the information
were to get released would be exponentially more dangerous.
In a Tarentino-esque plot twist the City hack coincided with
a wave of attacks on South African banks which coincidentally occurred with a
spike in the price of bitcoin. Knowing how the crypto-market would react would
give a considerable advantage.
In the hidden world of cyber-crime nothing is guaranteed. Who
knows what the actual intentions are of the Shadow Kill Hackers? Are their intentions
actually malicious? Or are they out to be incentivised cyber vigilantes with a
super cool killer team name?
Who is to say what they will do next? Stay tuned.
- Matthew Gaskel is a business analyst at Synthesis Software Technologies.
Disclaimer: News24 encourages freedom of speech and the expression of diverse views. The views of columnists published on News24 are therefore their own and do not necessarily represent the views of News24.
Are you ready to do what it takes?
Queen Elizabeth is quite fond of it though.
Datsun now has an automatic GO model in its local line-up.
5 local women share their experiences
The surfers without an ocean.
Potato skins are given a fun twist with a savoury egg custard and salsa.
"A bit of kindness goes a long way."
*Sprinkles cayenne over entire life*
Cape Town CBDWest Coast PersonnelR20 000.00 - R35 000.00 Per Month
Cape TownE-Merge IT RecruitmentR899 000.00 - R900 000.00 Per Year
Cape TownRage SA
Apartments / Flats
R 1 070 000
Apartments / Flats
R 1 200 per day
Apartments / Flats
R 10 200
We subscribe to the Press Code.
You choose what you want
News24 on Android
Get the latest from News24 on your Android device.
Terms and Conditions
24.com Terms and Conditions - Updated April 2012
Creating your profile will enable you to submit photos and stories to get published on News24.
This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.