Gautrain IT technician illegally installed spyware
Share this article:
Information technology technician Obakeng Israel Busang, contracted to Gautrain, was sentenced in the Johannesburg Specialised Commercial Crimes Court following a guilty plea.
National Prosecuting Authority (NPA) spokesperson Phindi Mjonond- wane said that during the initial stages of plea and trial, Busang pleaded not guilty.
He later changed his plea to that of guilty and made admissions as he realised the evidence against him was overwhelming.
He was convicted of 38 counts of contravening sections of the Electronic Communications and Transactions Act.
The court grouped the offences in accordance with the nature or type of spyware used. He was sentenced to five years on each group of charges, with the court ordering that some sentences on some counts should run concurrently, resulting in a sentence of 20 years imprisonment.
Half was suspended for five years, on condition he is not again found guilty of contravening any provisions of the Electronic Communications and Transactions Act.
Busang was responsible for assisting employees with technical problems related to their laptops or desktops.
He then used the opportunity, under false pretences, that he was installing the latest software relating to spyware such as Remote Administration Tools and key loggers to overcome security measures designed to protect passwords, and to access codes to gain access to information from employees’ laptops and desktops.
In a statement to the investigating officer, Busang said he was recruited by “someone” at a car wash and asked to help the syndicate obtain the login credentials of the persons who make payments to creditors of the Gautrain.
He said he was promised a reward if he could provide the login credentials of certain employees but he could not get the login credentials of both the chief financial officer and the chief executive officer.
He then used a laptop which had been “doctored” and connected it to the agency’s system so his partners in crime could access the login credentials of the top executives remotely.
At the time he had already been informed his employer would terminate his services at the end of October 2013.
The head of IT realised there were “irregularities” with the system and they decided to terminate his contract earlier. Because the head of IT was with him at all times when clearing his desk, he could not remove the doctored laptop.
After vacating the building he called his uncle, who worked for the entity, and asked him to remove the laptop and take it out of the building.
The uncle thought the laptop belonged to Gautrain and took it to the assets manager.
He called the head of IT who tried to operate it and realised that someone else was also operating it remotely. The head of IT figured that something was not right and they called IT security experts to help them.
Busang’s conduct resulted in the employer losing about R1.2 million to have the spyware removed and they had to replace some hard drives.
Senior State advocate Tilas Chabalala argued that each count carried a maximum sentence of five years imprisonment.
He also said Busang was no suitable candidate for correctional supervision, as he had previously disobeyed a court order to consult with a correctional officer who had been asked to compile a correctional report.
Mjonondwane said the NPA welcomed the sentence.