2021 Transnet Cyberattack
   HOME

TheInfoList



Click Here for Items Related To - 2021 Transnet Cyberattack
OR:
2021 Transnet Cyberattack on:   [Wikipedia]   [Google]   [Amazon]

On 22 July 2021,
Transnet Transnet SOC Ltd is a large South African rail, port and pipeline company, headquartered in the Carlton Centre in Johannesburg. It was formed as a limited company on 1 April 1990. A majority of the company's stock is owned by the Departmen ...
became a victim of a ransomware attack. The attack caused Transnet to declare force majeure at several key container terminals, including
Port of Durban The Port of Durban, commonly called Durban Harbour, is the largest and busiest shipping terminal in sub-Saharan Africa. It handles up to 31.4 million tons of cargo each year. It is the fourth largest container terminal in the Southern Hemisp ...
,
Ngqura The Port of Ngqura is a deepwater port on the east coast (Indian Ocean) of South Africa, 20 km northeast of Gqeberha. It was authorised by an act of parliament in 2002, construction started in September 2002 and the port became operational in ...
, Port Elizabeth and
Cape Town Cape Town ( af, Kaapstad; , xh, iKapa) is one of South Africa's three capital cities, serving as the seat of the Parliament of South Africa. It is the legislative capital of the country, the oldest city in the country, and the second largest ...
. The attack was the first time that the "operational integrity of the country's critical maritime infrastructure has suffered a severe disruption" leading the
Institute for Security Studies The Institute for Security Studies, also known as ISS or ISS Africa (to distinguish itself from other similarly named institutes in other parts of the world), described itself as follows: "an African organisation which aims to enhance human se ...
(ISS) to call its impact "unprecedented" in South African history. The ISS speculated that Transnet was withholding details about the attack as it was an issue of national security and because the attack might cause legal liabilities for the company.
Bloomberg News Bloomberg News (originally Bloomberg Business News) is an international news agency headquartered in New York City and a division of Bloomberg L.P. Content produced by Bloomberg News is disseminated through Bloomberg Terminals, Bloomberg Tele ...
stated that the attackers encrypted files on Transnet's computer systems thereby preventing the company from accessing their own information whilst leaving instructions on how to start ransom negotiations. The Bloomberg article quotes a source from the cybersecurity firm Crowdstrike Holdings Inc. which states that the ransomware used in the attack was linked to "strains known variously as “Death Kitty,” “Hello Kitty” and “Five Hands.”" and likely originated from Russia or Eastern Europe. The Department of Public Enterprises stated that none of Transnet client's data had been compromised in the attack. The timing of the attack, which followed closely after the
2021 South African unrest The 2021 South African unrest, also known as the Zuma unrest or Zuma riots, was a wave of civil unrest occurred in South Africa's KwaZulu-Natal and Gauteng provinces from 9 to 18 July 2021, sparked by the imprisonment of former President Jaco ...
following former South African President Jacob Zuma's imprisonment, caused speculation that the two events might have been part of a coordinated effort to disrupt economic activity in the country. The authorities stated that the two events were likely unrelated.


Background

The Durban port handles 60% of South African container traffic.


Timeline

* July 22, Transnet ransomware attack occurred. *July 26, most computer systems had been restored. * July 27, Transnet's investigation into the attack's severity was still ongoing. * July 28, Department of Public Enterprises stated that Transnet had fully restored operations at the ports.


References

Cyberattacks Hacking in the 2020s July 2021 events in Africa 2021 in South Africa Cybercrime in South Africa 2021 crimes in South Africa July 2021 events in South Africa {{SouthAfrica-hist-stub