The city of Johannesburg has shut down its entire computer network after being targeted by a Bitcoin ransomware attack.
According to The Times, South Africa's commercial capital was hacked by a threat group called the Shadow Kill Hackers Group. The city closed down its website and all digital services on Thursday night after several employees received a ransom note from the threat group.
Shadow Kill Hackers Group are threatening to expose sensitive information by uploading it to the internet unless a ransom of 4 Bitcoins—roughly USD 34,000—is paid before 5:00 pm on October 28.
The ransom note reads: "All your servers and data have been hacked. We have dozens of back doors inside your city. We have control of everything in your city. We also compromised all passwords and sensitive data such as finance and personal population information."
Before imploring the city to "have a nice weekend," the threat group writes: "If you pay on time, we will destroy all the data we have, and we will send your IT a full report about how we hacked your systems and your security."
The city took to Twitter to report the breach, stating just after 11 pm that it had detected a network breach that resulted in unauthorized access to information systems.
The city wrote: "The incident is currently being investigated by City of Joburg cyber security experts, who have taken immediate and appropriate action to reinforce security measures to mitigate any potential impacts. As a result, several customer facing systems— including the city’s website, e-services, billing system—have been shut down as a precaution."
E-services affected by the shutdown include online billing services and online customer care services. Emergency calls have been diverted to the Provincial Call Centre.
An investigation into the attack has been launched and is expected to take 24 hours.
The city apologized for any inconvenience caused and stated that it would provide residents with an update on the ongoing ransomware attack every four hours.
Five South African banks, including Standard Bank and Absa, reported internet issues at the time of the Shadow Kill Hackers Group Bitcoin ransomware attack. It is not known yet whether the issues are related to the attack.