The justice ministry of the South African government is working on restoring its operations after a recent ransomware attack encrypted all its systems, making all electronic services unavailable both internally and to the public. As a consequence of the attack, the Department of Justice and Constitutional Development said that child maintenance payments are now on hold until systems are back online. BleepingComputer reports: The incident happened on September 6 and the department activated the contingency plan for such events to ensure the continuation of some activity in the country. Last week, [Steve Mahlangu, spokesperson for the Department of Justice and Constitutional Development] said that court sittings continued after a switch into manual mode for recording the hearings. A manual process has also been adopted for issuing various legal documents. However, the ransomware attack impacted monthly child maintenance payments, which have been delayed until the systems are restored.
The department is still in the process of returning to regular operations but it is cannot say when the activity will become normal again. Part of this effort was setting up a new email system, to which some staff has already migrated. Coupled with the long time needed for network restoration, this is a sign that the hackers did not get paid. It is unclear who is behind this attack. Many ransomware gangs also steal data before encrypting it, to force the victim into paying the ransom under the pressure of a public leak. Mahlangu said last week that the Department’s IT experts have found “no indication of data compromise.” Until now, the attack has not been claimed by any of the gangs with a data leak site.
Read more of this story at Slashdot.