- The South African Weather Service says that most of its critical systems kept operating after a breach it suffered on the weekend.
- Systems are now gradually being restored after an alleged ransomware attack.
- It said it managed to continue giving important information through alternate channels.
The South African Weather Service (SAWS) says that despite suffering a cyberattack that took its ICT systems offline over the weekend, its meteorological services continued without interruption as the service had other methods in place to continue dispensing critical weather information.
Last weekend two different cyberattacks were launched by threat actors against the Weather Service, with the second being successful in knocking down its ICT network. It said that aviation and marine services were affected as well as emails and its website.
At the time, no information was given about the attackers or their motive, but according to MyBroadband, the threat actors that launched the attack are a Russian-linked ransomware group called RansomHub.
Ransomware groups launch attacks to lock down the systems of large companies or government facilities and extract a ransom from these entities, usually in the form of untraceable Bitcoin payments.
“Thus far, we have not had an interruption of services. Weather products for marine and aviation sectors are being conveyed via alternative channels. Daily forecasts are being sent regularly via email to media houses and to Disaster Management Authorities,” said SAWS Chief Executive Officer, Ishaam Abader.
MEDIA RELEASE: METEOROLOGICAL SERVICES UNINTERRUPTED DESPITE HACKING INCIDENT pic.twitter.com/b4jZb0QJ3S
— SA Weather Service (@SAWeatherServic) January 30, 2025
SAWS said it would be reporting the criminal act to relevant authorities. In its latest statement, it says that “a team of engineers and cyber security experts is working around the clock to return operations to normalcy within a reasonable time.”
It says the experts have managed to restore SAWS email functionality and the telephone system. The rest of the ICT system likely remains encrypted by the ransomware.
“SAWS understands the significance of its services in so far as they relate to saving lives and property from the impact of hazardous weather. Accordingly, the organisation does not take the cyber attack lightly,” it added.
Ransomware, like that which was allegedly used to attack SAWS, is usually spread through social engineering attacks, typically spam emails that contain the malware hidden within a download. Once the ransomware is on the affected system, hackers are able to seize it.
This attack vector has been a bane of the South African government, responsible for attacks on Transnet and the National Health Laboratory Service (NHLS) in recent years that cost the government millions.