South Africa’s Justice Department Suffers Another Cyberattack

South Africa’s Department of Justice and Constitutional Development (DJ&CD) has been hit by a cyberattack.

The news came in just a couple of days ago (May 24) through a statement released by the department, which revealed that third-party payments, including child maintenance, have been temporarily suspended after unknown miscreants tried to sabotage the system.

Those who require immediate child maintenance have been asked to go the traditional way—visit their nearest courts with original documents to get paid manually until the system is back up.

What Is the Justice Department Doing Now?

A forensic team has been hired to investigate the matter. However, nothing has been discovered about the attack at the time of writing.

The department has also assured that necessary steps have been taken to secure the system and reduce the chances of a repeat attack in the future.

“We sincerely apologize to all beneficiaries for any inconvenience caused and deeply appreciate the patience and understanding during this period.” – Justice Department

2021’s Attack on SA’s Justice Department

This isn’t the first time the justice department has been under siege. Back in 2021, the department was hit by a ransomware strike, which led to the encryption of all information systems. Such unknown encryption made these systems unavailable to both internal employees as well as the public.

Many services offered by the department, such as bail services, letters of authority, email, and even its website, were compromised and at least 1,200 files were leaked. These files contained the personal details and banking information of people who had submitted their data to the department.

The worst part of the 2021 attack is that it wasn’t confined. It spread to the office of the Information Regulator. As a result of this, the department’s IT system and email were down, while its website was unavailable for three long days.

What Happened Next?

The attack had severe consequences for the department. The Information Regulator slapped a massive R5 million fine (around $271,452) for violating South Africa’s data privacy law, the Protection of Personal Information Act (POPIA).

Plus, an enforcement notice was issued against the justice department, which required it to submit proof within 31 days that all the necessary licenses (the SIEM license, the trend antivirus license, and the intrusion detection system license) had been renewed on time.

These licenses are necessary to protect the department against security issues. Hence, disciplinary action was also issued against the officials who were responsible for issuing these licenses, but they failed to do so.

Even back then, the justice department had promised to amp up security. It said that a portion of its 2022/2023 budget will be used to strengthen the department’s cyber security so that an attack like this doesn’t happen again.

However, as we can see now, a similar attack has happened, and the department’s payment system has been disrupted once again. Does this hint at corruption within the system? Or is it plain and simple ignorance of the importance of cybersecurity?

South African Organizations Ruffled with Cyberattacks

Before we put the entire blame on the justice department for its lack of security, it’s important to note that this has been a trend in South Africa for a while now, i.e., a lot of South African organizations have recently been victims of cyberattacks.

The reason behind the sudden rise in cyberattacks on South African government organizations is unknown. However, according to Information Regulator chairperson advocate Pansy Tlakula, the watchdog has been receiving more than 150 breach notifications a month.