South Africa’s logistics company Transnet SOC hit by a ransomware attack

Transnet SOC Ltd, a large South African rail, port and pipeline company, announced it was hit by a disruptive cyber attack.

South Africa’s logistics company Transnet SOC was hit last week by a disruptive cyberattack that halted its operations at all the port’s terminals. The attack took place on Thursday, 22 July.

“Port terminals are operational across the system, with the exception of container terminals as the Navis system on the trucking side has been affected,” Transnet revealed.

The vessels moving in and out of the ports were being recorded manually.

The company immediately launched an investigation into the incident and quickly identified the source of the attack.

In response to the attack, the company told its employees to avoid access their emails until further notice in order to prevent the threat from spreading.

“Work is underway to reduce downtime to ensure that the impacted systems are up and running again as soon as possible,” reads a statement from the company.

As a result of the attack, the Transnet SOC Ltd website went down, the damages described by the statements published by the company immediately suggested the involvement of a ransomware family, a circumstance that was confirmed by images of the crippled systems shared on social media.

Cyberattacks on ports have increased over the years, exposing critical infrastructure to serious risks.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]