By Terence Zimwara 22 September 2021 | 7:30 pm

South Africa Ransomware Attack: Justice Department Denies Receiving 50 BTC Ransom Demand

South Africa’s Department of Justice and Constitutional Development (DOJCD) has denied claims that it has received a 50 bitcoin ransom demand from hackers that attacked its systems on September 6, 2021.

Reports of Ransom Demand Deemed ‘Completely Untrue’

Instead, the DOJCD insists that its tech experts, “industry partners and selected organs of state have been working hard to contain the problem and to restore systems affected by the ransomware attack.” Consequently, the department stated in a tweet that an article published by Mybroadband on September 20, is, therefore “completely untrue.” A tweet shared by the country’s Ministry of Justice and Correctional Services explained:

The DOJCD would like to place it on the record that it has not received any ransom demand following the ransomware attack as suggested by an article on http://mybroadband.co.za/news/ published on 20 Sept 2021. The Mybroadband article to this effect is completely untrue.

The South African tech news site Mybroadband stated that hackers behind the ransomware attack had in fact demanded 50 BTC in return for restoring access to the compromised systems. The same report added that a tech firm was subsequently “brought in to attempt to regain control of compromised systems.”

Upon examining the ransomware attack, the unnamed tech firm is reported to have advised the DOJCD “to pay the ransom and [to] budget for a cloud backup system.” By agreeing to this ransom demand, the DOJCD would be able to regain control of all electronic services provided by the department.

Also in its report, Mybroadband said it had asked the DOJCD for more information about the nature of the attack against its IT system and that the latter had promised to provide further feedback.

Justice Department Attacked

Meanwhile, some Twitter users have questioned the DOJCD’s claims that it had not received a ransom demand. For instance, one user named Ravi Singh insists that this ransomware attack will only be solved by giving in to the hackers’ demands. The user said:

If you are infected with a ransomware virus, you won’t need to receive a ransom, the virus will automatically show you the bitcoin or altcoin address to pay to, to gain access to your files. It’s named ransomware for a reason. There’s no other classification or family period.

Another user said this attack has exposed the ineptitude of the person that is overseeing the IT department.

As a result of the ransomware attack, some of the DOJCD’s services are now being performed manually. However, the department has noted that “some functionality of the Mojapay system has been recovered and most [child] maintenance payments have been processed.”

Can the DOJCD successfully regain access to its systems without paying a ransom? Tell us what you think in the comments section below.