2021 Transnet Cyberattack
   HOME

TheInfoList



Click Here for Items Related To - 2021 Transnet Cyberattack
OR:
2021 Transnet Cyberattack on:   [Wikipedia]   [Google]   [Amazon]

On 22 July 2021, Transnet became a victim of a
ransomware Ransomware is a type of malware from cryptovirology that threatens to publish the victim's personal data or permanently block access to it unless a ransom is paid off. While some simple ransomware may lock the system without damaging any files, ...
attack. The attack caused Transnet to declare
force majeure In contract law, (from Law French: 'overwhelming force', ) is a common clause in contracts which essentially frees both parties from liability or obligation when an extraordinary event or circumstance beyond the control of the parties, such ...
at several key container terminals, including Port of Durban, Ngqura,
Port Elizabeth Gqeberha (), formerly Port Elizabeth and colloquially often referred to as P.E., is a major seaport and the most populous city in the Eastern Cape province of South Africa. It is the seat of the Nelson Mandela Bay Metropolitan Municipality, Sou ...
and Cape Town. The attack was the first time that the "operational integrity of the country's critical maritime infrastructure has suffered a severe disruption" leading the Institute for Security Studies (ISS) to call its impact "unprecedented" in South African history. The ISS speculated that Transnet was withholding details about the attack as it was an issue of national security and because the attack might cause legal liabilities for the company. Bloomberg News stated that the attackers encrypted files on Transnet's computer systems thereby preventing the company from accessing their own information whilst leaving instructions on how to start ransom negotiations. The Bloomberg article quotes a source from the cybersecurity firm Crowdstrike Holdings Inc. which states that the ransomware used in the attack was linked to "strains known variously as “Death Kitty,” “Hello Kitty” and “Five Hands.”" and likely originated from Russia or Eastern Europe. The
Department of Public Enterprises The Department of Public Enterprises (DPE) is one of the ministries of the South African government. It is the government's shareholder representative with oversight responsibility for a number of state-owned enterprises (SoEs). Enterprises It ...
stated that none of Transnet client's data had been compromised in the attack. The timing of the attack, which followed closely after the
2021 South African unrest The 2021 South African unrest, also known as the Zuma unrest or Zuma riots, was a wave of civil unrest occurred in South Africa's KwaZulu-Natal and Gauteng provinces from 9 to 18 July 2021, sparked by the imprisonment of former President Jacob ...
following former South African President Jacob Zuma's imprisonment, caused speculation that the two events might have been part of a coordinated effort to disrupt economic activity in the country. The authorities stated that the two events were likely unrelated.


Background

The Durban port handles 60% of South African container traffic.


Timeline

* July 22, Transnet ransomware attack occurred. *July 26, most computer systems had been restored. * July 27, Transnet's investigation into the attack's severity was still ongoing. * July 28, Department of Public Enterprises stated that Transnet had fully restored operations at the ports.


References

Cyberattacks Hacking in the 2020s July 2021 events in Africa 2021 in South Africa Cybercrime in South Africa 2021 crimes in South Africa July 2021 events in South Africa {{SouthAfrica-hist-stub