Alarm as more state entities hit in wave of suffer cyber attacks

Cyber attacks have been plaguing government entities. l REUTERS/KACPER PEMPEL

Cyber attacks have been plaguing government entities. l REUTERS/KACPER PEMPEL

Published Mar 14, 2024


Concerns continue to mount as more government entities and institutions have come under attack by cyber criminals, the latest being the Government Employees Pension Fund (GEPF).

The fund recently announced concern after it reported that there was an attempted cyber-attack, when an unauthorised party attempted to access information at the Government Pensions Administration Agency (GPAA).

On Monday (March 11), the group released a sample of the stolen data that included scans of at least one senior government official’s passport.

The fund said GPAA subsequently established that this was an attempt by LockBit, a notorious cybercrime gang that holds its victims' data to ransom.

The leak by the LockBit ransomware group reportedly released a 668GB file allegedly containing data stolen from the GEPF’s systems.

The fund said it was informed by the agency that preliminary investigations had found that certain GPAA systems had indeed been compromised.

As a result, the fund reported that the agency would be investigating the alleged data breach and whether it affected them.

After the agency confirmed the breach, preventive action was taken when it became aware of the attempted access to its systems, including “shutting down” all systems to isolate affected areas.

Despite this breach, the agency said pension payments were not affected.

Earlier this month the Department of Trade and Industry Competition’s agency, the Companies and Intellectual Property Commission (CIPC) also reported an attempted security breach and the compromise of personal information of clients and its employees.

The commission reported that its ICT technicians were alerted, due to extensive firewall and other systems in place of the possible security compromise.

As a result, certain CIPC systems had to be shut down immediately to mitigate any possible damage.

Lungile Dukwana, the CIPC chief strategy executive, said through the diligent efforts of the ICT and information security teams, the compromise was isolated and curtailed, with the relevant systems back up and available for processing.

Unfortunately, certain personal information of clients and CIPC employees was unlawfully accessed and exposed prior to the shutdown.

Government entities have not been the only organisations that have come under growing cyber attacks experienced in the country. The Information Regulator reported that it was informed on January 4, that the Tshwane University of Technology’s (TUT) information communication technology system had been hacked on December 17, 2023.

Following the breach, Professor Bhekisipho Twala, responsible for the digital transformation portfolio at the institution, was placed on precautionary suspension on January 26. He allegedly failed to deal with and manage the aftermath of the cyber security breach.

It was reported that the attack was suspected to have been committed by a ransomware gang called Rhysida, which claimed responsibility for a cyberattack on the British Library in November 2023.

South Africa has already suffered cyber attacks going as far back as the 2021 attack on the IT systems of the Department of Justice and Constitutional Development.

The Public Servants Association (PSA) said it was extremely concerned and appalled by recent cyber-attacks on government systems and the implications for citizens.

The association said it was further aware of the recent incident at the Department of Home Affairs where an attempt was made to attack the systems .

“It is a grave concern that government systems are vulnerable to such acts of criminal activity. Such attacks disrupt government services. Government must be proactive and put stringent measures in place against such attacks. In addition, departments must have contingency plans to restore systems in case of any breach.”

The PSA urged the government to ensure that critical and confidential information of citizens and employees was secured.

“Such breaches expose the vulnerability of government systems with the potential of being compromised. Failure over years to invest in upgrading information technology security systems may have far-reaching implications for the personal data of citizens.

“The South African government must prioritise cyber security, including investing in skills development. They (government) must update and improve its systems to prevent such attacks and take the necessary steps to safeguard information.”

The Star

[email protected]