South African banks have been under siege for a coordinated cyber attack in the past few days, apparently by the same person or group that attacked Johannesburg’s systems this week.
No bank has confirmed that they were a victim of a cyberattack, but the South African Bank Risk Information Center (Sabric) issued a warning on Friday.
The fact that Absa, Standard Bank, and Capitec’s internet banking has been falling apart over the past three days does not appear to be a coincidence.
“We can confirm that the banking industry has been hit by a spate of cyberattacks since Wednesday, October 23, which has affected various services at various banks,” the center said in a statement on Friday.
The type of attack appears to be a so-called Distributed Denial of Services (DDoS) attack.
According to Sabric, the attackers sent a threat letter to staff at the various banks before the attack was done.
No clients’ money or personal information was compromised for any moment, Sabric emphasizes.
During a DDoS attack, an institution, such as a bank, website and other online services are inundated by requests that eventually cause the web page to collapse.
The hope is that the attack will be enough of an annoyance to those institutions that they are prepared to pay the ransom demanded by the attackers.
Absa’s systems were down on Wednesday, while Standard Bank had problems on Thursday. Capitec’s was attacked on Friday again.
All three banks separately confirmed that their systems were wrong, but no mention of a DDoS attack was ever made.
Standard Bank simply said it was experiencing problems with its equipment and Absa mentioned updates to its systems related to beneficiary charging.
According to Sabric, banks and other financial institutions were attacked all over the world at the same time and South African banks were no exception.
Is there cause for panic?
Although any cyber attack should be considered in serious light, for now, there is no reason for cybercriminals to gain access to anyone’s money.
A DDoS attack is like a jaw-dropping vomit that bites your heels, but poses no real danger.
It is, however, illegal in most jurisdictions.
South African banks do, at least theoretically, use advanced software to prevent such attacks.
Cybercrime is also an industry of its own these days, warns Nathalie Schooling, head of Nlighten, a business that helps customer satisfaction.
Johannesburg’s systems were paralyzed by a cyber attack allegedly perpetrated by the same group targeting the banks.
The city confirmed that it had “shut down” its website and account systems as a “precautionary measure”.
According to Schooling, the city was probably not prepared to stop a cyber attack because it uses antiquated operating systems.
The group of cyber-attackers, who call themselves the Shadow Kill Hackers, are demanding 4 bitcoin (nearly R480 000) from the city to ease its attack on its systems.
If the city fails to comply, the group threatens to disseminate residents’ data online.
This apparently includes passwords and other personal information.
“We have control over everything,” the attackers allegedly boasted in a threatening letter to employees.
According to Schooling, it is very important that those in charge of Johannesburg’s systems stay cool and communicate extensively with the public about the state of affairs.
“This is the worst possible time to say nothing. Clients are probably very concerned, but I would advise them not to panic until all the facts become known. ”
FNB and Nedbank’s systems have so far not experienced similar problems this week.