Security16.09.2021

South Africa’s legal system on its knees after cyberattack

A ransomware attack that paralysed the IT systems of the Department of Justice and Constitutional Development has brought the Master’s office for South Africa’s courts to its knees.

Without a functioning IT system, the Master’s office has resorted to operating manually, causing severe delays in critical services such as handling deceased estates and child maintenance payments.

Democratic Alliance MP Glynnis Breytenbach said they have also learned that the department had not paid its IT service provider for two months leading up to the attack.

“[We’re told that] as a result [of the non-payment], the firewalls of the department were vulnerable, and that is the reason for this attack,” Breytenbach told eNCA in a recent interview.

“It’s extremely worrying. The Department of Justice sits with masses of very private, very personal information of millions of people,” said Breytenbach.

“Who knows where it’s gone or what’s going to happen to it.”

The department has said that there is no indication that people’s private data has been compromised. However, an anonymous Gauteng lawyer and security industry veteran Anna Collard have cast doubt on this statement.

There are two typical patterns when ransomware is involved:

  1. Attackers break into a system, lock victims out of their own system by encrypting their files with ransomware, and try to extort payment out of the victim to get their files back.
  2. Attackers exfiltrate all the data they can get out of the target system before infecting it with ransomware, then extort victims from two angles — the threat of releasing their data online, regaining access to their files.

The second approach is becoming more common among ransomware gangs as it gives them two opportunities to get paid.

Collard believes that the department’s data must therefore be in danger.

In the meantime, the downtime of the justice department’s IT systems has crippled South Africa’s courts.

“The justice system in South Africa is utterly reliant on a functioning IT system,” Breytenbach stated.

“With the Covid–19 lockdowns already significantly slowing down the wheels of justice in many cases, the country simply cannot afford this further vulnerability in the criminal justice system.”

The following services are affected by the ransomware attack on the justice department’s IT systems:

  • E-mail
  • Bail services
  • Payment of child maintenance
  • No way to correspond with magistrates or judges — no one can file court papers
  • Recording and transcription of court proceedings offline
  • Master’s offices

As a result of this, several cases in the lower courts have been postponed, Breytenbach said.

She also explained that the Master’s offices are a huge operation in their own right.

“The fact that it is operating manually for essential services — if you read between the lines, that means very little is getting done,” she stated.

“They are no longer geared to operate manually. They don’t have the staff.”

This is exacerbated during the Covid–19 lockdown as many Master’s offices staff have been affected. Breytenbach said that two out of three Master’s offices are not even open on any given day.

She said that the Master’s offices deal with a wide range of essential services, including:

  • Deceased estates — including issuing letters of executorship and urgent payments out of frozen bank accounts
  • Curatorships
  • Orphans whose affairs are being managed by the state

“We need to get these systems back up and running. The Master’s office is so dysfunctional this is going to be the last straw,” stated Breytenbach.


Now read: Hawks arrest suspect in Experian data breach that exposed data of 23 million South Africans

Show comments

Latest news

More news

Trending news

Sign up to the MyBroadband newsletter