Malawi's Passport System Breached

Uploaded on 2024-03-05 in NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Hackers

For the past three weeks, Malawi has not been issuing passports for what officials said was "a technical glitch".

Now,the government of Malawi has taken the drastic step of suspending the issuance of passports following a cyber attack on the immigration service’s computer network. President Lazarus Chakwera informed Members of Parliament that the cyber attack constituted a grave national security breach, disclosing that the hackers are demanding a ransom.

President Chakwera acknowledged Malawians' unhappiness with the inability to obtain passports, but rejected Sulema's proposal for a cabinet reshuffle, citing a lack of comprehension of the situation. He said the hackers are demanding a ransom, but the Malawi government has no intention of paying as it refuses to "appease criminals" or negotiate "with those who attack our country... We are not in the business of appeasing criminals with public money, nor are we in the business of negotiating with those who attack our country," he said.

This is not the first time the country has had to suspend issuing passports, but this recent pause comes at a time when demand for passports is high, with many citizens migrating for employment opportunity reasons. Last year, the government paused giving out new documents after running out of passport booklets, with an official saying that the problem was being worsened by a shortage of foreign currency.

There have been issues since 2021 when the attorney-general's office terminated a passport contract with Techno Brain, which had been the supplier of Malawi’s passports since 2019, a company that had been offering the service, citing irregularities.

Demand for passports is high in Malawi with many young people looking to migrate in search of job opportunities.

President Chakwera said he had given the immigration department three weeks within which it should provide a temporary solution and resume the issuing of passports, while waiting to regain control of the system. He said a long-term solution with additional security safeguards would be developed. Mr Chakwera only revealed for the first time that the immigration system had been "hacked" without mentioning who the hackers were suspected to be.

No other details have been given about the cyber-attack including the possible implications in terms of personal data security.

Some frustrated Malawians have in the past faulted the government over the continued backlog of applications amid allegations of corruption. Righ now, anyone who does not have a passport or whose passport has expired cannot acquire a new one and therefore cannot travel.

Director general of the Department of Immigration and Citizenship Services, Charles Kalumo, acknowledged citizens' concerns, but was unable to propose a date for passport issuance to resume.

BBC     |     Dark Reading     |     IT Web Africa     |     VOA     |     The Herald     |     Lusaka Times

Image: David_Peterson

You Might Also Read: 

Buy A Dark Web Passport Scan For $15:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Wireless Security In Smart Homes Is Vulnerable
Cyber Security Governance Is A Leadership Responsibility »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

RSA Security

RSA Security

RSA provide cybersecurity products for Threat Detection and Response, Identity and Access Management, Governance, Risk and Compliance, and Fraud Prevention.

Kirkland & Ellis

Kirkland & Ellis

Kirkland & Ellis LLP is an international law firm with offices in the USA, Europe and Asia. Practice areas include Data Security & Privacy.

Jones Day

Jones Day

Jones Day is an international law firm based in the United States. Practice areas include Cybersecurity, Privacy & Data Protection.

Hewlett Packard Enterprise (HPE)

Hewlett Packard Enterprise (HPE)

HPE is an information technology company focused on Enterprise networking, Services and Support.

Dcoya

Dcoya

Dcoya's complete security awareness training program gives you out-of-the-box compliance with PCI-DSS, HIPAA, SOX and ISO regulations.

Featurespace

Featurespace

Featurespace is a world-leader in Adaptive Behavioural Analytics and creator of the ARIC platform for fraud and risk management.

CyberSecurityTrainingCourses.com

CyberSecurityTrainingCourses.com

Cyber Security Training Courses is a portal to help candidates find the best courses to progress their career within the IT security industry.

Attack Research

Attack Research

We go far beyond standard tools and scripted tests. Find out if your network or technology can stand real-world and dedicated attackers.

Cyber Pathways

Cyber Pathways

Cyber Pathways brings together the next generation of Cyber professionals along with delegates who are looking to cross train and enter the cyber market.

National CyberWatch Center - USA

National CyberWatch Center - USA

National CyberWatch Center is a cybersecurity consortium working to advance cybersecurity education and strengthen the national workforce.

InfoSec Conferences

InfoSec Conferences

InfoSec Conferences is an online directory of infosec conferences. We list every single Information Security conference, event and seminar within every niche in Cybersecurity.

Fifosys

Fifosys

Fifosys is a professional technology infrastructure specialist, delivering a broad portfolio of high quality technical and strategic managed services.

1898 & Co

1898 & Co

Keep your critical assets secure with a comprehensive portfolio of services from high-level assessments to fully managed security services designed for operational technology applications.

Venustech

Venustech

Venustech is a leading provider of network security products, trusted security management platforms, specialized security services and solutions.

BalkanID

BalkanID

BalkanID is an Identity governance solution that leverages data science to provide visibility into your SaaS & public cloud entitlement sprawl.

Otava

Otava

Otava is a global leader of secure, compliant hybrid cloud and IT solutions for service providers, channel partners and enterprise clients.