A pro-Islamic State hacker group has targeted at least two government websites this week defacing the landing pages.
The group known as Team System DZ took over the landing page of the department of basic education and the Buffalo City Municipality website on Wednesday evening and posted gruesome images of killings including children with a message “to the government, the American people and the rest of the world”.
The State Security Agency said that the “matter is under investigation by law enforcement agencies” and would not divulge any other information.
Spokesperson for the basic education department, Elijah Mhlanga, confirmed that the site was still down while the technical team investigated and tested the servers. Times Media reported that Buffalo City metro spokesperson Samkelo Ngwenya confirmed the attack, with Mayor Xola Pakati admitting that the metro’s system was not equipped to deal with professional hackers.
The State Information Technology Agency’s head of communication, Lucky Mochalibane, said that “no information was stolen” from the education department’s website and that they were assisting with the assessment of their security systems.
The agency also advised all departments to move their sites to its environment, which is “protected by firewalls and intrusion protection systems”.
The hackers that gained access to these websites have also in the past week defaced government websites in four American states including New York and Washington. Team System DZ made a point in each of their hacks to end off their message with “I Love Islamic state”.
In the American hacks this specific line was also repeated: “You will be held accountable, Trump, you and all your people for every drop of blood flowing in Muslim countries.”
None of the websites hacked said that any information was compromised.
All this comes on the back of another (remember WannaCry earlier this year?) global ransomware attack, known as “Petya”, where users were locked out of their systems and forced to pay the cyber attackers $300 in BitCoin for an encryption key.
Most experts believe this attack was more serious than WannaCry, which affected the United Kingdom’s National Health Services, because the worm affected hard disks without the possibility of recovery, especially since the email address used by the cyber hijackers was suspended.
ESET SA, an IT security company, said that only 0.03% of all victims were based in South Africa. According to SITA no incidents of ransomware attacks were reported to the state agency by any government institutions.
In June this year Eskom’s central electricity distribution network defences were classified as “stupidly easy” to penetrate by hackers, which emphasised the need for government and its institutions to take seriously the threats of cyber attacks. These latest attacks prove that point.