South African Banks Resilient in the Face of Ransom-Driven Attacks

SABRIC, the South African Banking Risk Information Centre, confirmed today that as of Wednesday, 23 October 2019, the banking industry has been hit by a wave of ransom-driven Distributed Denial of Service attacks, targeting various public-facing services across multiple banks.

These attacks started with a ransom note which was delivered via email to both unattended as well as staff email addresses, all of which were publicly available, said SABRIC in a media statement.

SABRIC stressed that the it is a multi-jurisdictional attack with entities from several countries being targeted and should therefore not be viewed as a targeted attack on South African companies only.

“We must emphasise that DDoS attacks like this one do not involve hacking or a data breach and therefore no customer data is at risk,” said SABRIC.

It does, however, involve increased traffic on networks necessary to access public-facing services. This may cause minor disruptions.

“Robust defensive strategies” have been invoked across the industry and SABRIC believes customer impact will be kept to a minimum.

“Despite our Banks preparedness and resilience, we will continue to monitor this situation very closely and respond as required,” says SABRIC acting CEO, Susan Potgieter.