The City of Johannesburg has said it suspected that malware has infected one of the servers hosting its Web site, causing major downtime last week.
This is just one in a long string of woes for the city.
The billing system, inherited from the ANC when the DA won the metro, has been in crisis for some months. The City tried to fix it by rolling out a new system, which automatically requires payment on the 15th of the month unless rate payers ask for it to be the 28th, by way of e-mail or the call centre.
As a result of the change in date, as well as a lack of postal notices and SMS notices, many household have unintentionally fallen behind in payment – or worse, have not, but have been cut off anyway. Re-instatement of electricity is a costly and time-consuming exercise, and falling behind on payments can impact credit ratings.
Local councillors instructed their ward members to use the CoJ Web site to ensure they know what they owe and don’t fall behind on payments.
However, the city’s website – https://joburg.org.za/ – was inaccessible through browsers like Google Chrome for almost two days last week, due to a malware warning from Google.
When attempting to access the site, Google’s safe browsing warning turns users away, stating that it contains harmful content – including pages that “send visitors to harmful websites”.
The city said it was aware of the issue, and had an investigation underway.
“Preliminary indications suggest that one of the servers hosting the website may be infected with malware. It is also possible that the outage may be a result of corrupted code,” said the City of Johannesburg.
“Fortunately, the city’s customer data has not been compromised as it resides in separate servers.”
According to the ZACR’s records, the City of Johannesburg is the registrant of the domain, while Internet Solutions is the sponsoring registrar.
Although the issues with the site have since been fixed, it leaves many questioning what kind of security is in place for one of the city’s most important databases.
Source: MyBroadband; My Office News
The SABC’s Web sites were down on Sunday 12 June after hacktivist group Anonymous Africa hacked the sites and took them offline in retaliation for the national broadcaster’s decision to censor news coverage of protests.
An internationally co-ordinated fraud attack involving forged bank cards used at ATMs in Japan has stripped Standard Bank of about R300-million.
Standard Bank and authorities remained mum on the progress of investigations and the whereabouts of the syndicate, as investors appeared largely unconcerned by the bank’s loss.
Spokesman Ross Linstrom of Standard Bank, which made just more than R22-billion in headline earnings across the group in 2015, said on Monday a sophisticated and co-ordinated syndicate had created a “small number of fictitious cards” and proceeded to draw a total amount of R300-million from ATMs in Japan.
He said investigations were at a sensitive stage, but that bank customers would suffer no adverse effects if their details had been stolen and used in the Japanese fraud.
Japanese media have reported that about 100 individuals hit 1 400 ATMs in just three hours on a day when banks are closed for business, with one withdrawal transaction at each ATM up to the daily limit amount set in Japan.
According to Japanese media, no arrests have been made and the individuals who made the withdrawals may no longer be in the country.
The fraud fits an international trend involving hit-and-run withdrawal schemes in which fraudsters may be jetting into countries in different time zones to buy themselves time to collect the cash and run.
The South African Banking Risk Information Centre confirmed the Standard Bank matter was under investigation, and CEO Kalyani Pillay said the local industry would provide full support to both the bank and law enforcement, where possible.
“The industry’s card losses for 2015 were in the region of R778-million across all card types for South African-issued cards.
“This was a 4% decrease compared to 2014. Banks have robust systems in place to monitor and detect fraud, but some risks lie with bank clients themselves,” Pillay says
Southern African Fraud Prevention Services executive director Manie van Schalkwyk said his organisation stops about R3-billion in fraud every year.
“Identity fraud is declining, and the main reason is the use of biometrics,” he says.
Van Schalkwyk said banks were making use of various databases and methods to try keep up with and combat such fraud, as criminals continued to evolve their modus operandi.
By Brendan Peacock for www.bdlive.co.za
Kaspersky Lab yesterday announced that its internal networks were the victim of an advanced attack which attempted to steal information about its products and clients. According to the company’s blog post, the attack was complex and stealthy, exploiting several zero-day vulnerabilities.