Cyber security has come under the spotlight once again after hackers broke into Cyril Ramaphosa's cyber world and accessed his home address, identity and phone number.
A series of screenshots supplied to the Sunday Times over the past month by a group of hackers calling themselves SpiderLog$, who have been running unauthorised vulnerability scans on government servers, show that government departments and state-owned companies are not safe and are “wide open” to intrusion.
The SpiderLog$ hackers said SA is a “playground for hackers’’, and apart from top political figures, the department of defence (DoD) and the State Security Agency (SSA), which hold some of SA’s most sensitive military and intelligence information, have also been targeted.
Ramaphosa’s personal information was stolen in March with the hacking of TransUnion, which led to the exposure of 28-million credit records and 54-million identity numbers belonging to South Africans.
It emerged from Sunday Times inquiries that the extent of the hack and the details it exposed may be far more widespread than originally believed.
“You can verify our findings with another company ... Yes, SA is a playground for hackers because anyone is able to map your country’s digital infrastructure,” said SpiderLog$.
It was initially reported that only 3-million consumers had been affected, but it now appears the group behind the TransUnion breach, which calls itself N4aughtySecTU, got away with much more.
SpiderLog$, which accessed the hacked data, also managed to obtain details of a loan Ramaphosa took out in the 2000s from one of the top four banks.
The Sunday Times shared the information with the presidency, whose spokesperson Tyrone Seale said: “The president is concerned at the unlawful acquisition, use or dissemination of the personal information of any individual regardless of the position they occupy.
“Our law-enforcement agencies are working with partners in the private sector and the international community to combat cybercrime domestically and internationally. As in all countries, our capacity in this area has to evolve as the methods used to commit cybercrime evolve,” Seale said.
As ransomware attacks increase in SA, the government has been identified as worryingly vulnerable to a cyber onslaught that could either cripple it or result in confidential or personal information being leaked to malicious groups across the world.
In one example shared with the Sunday Times and authenticated by leading cybersecurity firms, the DoD and SSA’s webmail interface something experts say is one step away from full access to the department’s e-mail server was penetrated. This creates a risk that statesponsored hackers considered the best equipped and most highly motivated would not only be able to see all mail communication inside the department, they would be able to create and send e-mails using department accounts.
Also found by SpiderLog$ were the private IP addresses of government servers that are not meant to be visible to outside eyes, and their domains and internet service providers.
Last year the department of justice, the South African National Space Agency and Transnet were hit by debilitating ransomware attacks.
Content created and supplied by: LisaLoot (via Opera News )
Opera News is a free to use platform and the views and opinions expressed herein are solely those of the author and do not represent, reflect or express the views of Opera News. Any/all written content and images displayed are provided by the blogger/author, appear herein as submitted by the blogger/author and are unedited by Opera News. Opera News does not consent to nor does it condone the posting of any content that violates the rights (including the copyrights) of any third party, nor content that may malign, inter alia, any religion, ethnic group, organization, gender, company, or individual. Opera News furthermore does not condone the use of our platform for the purposes encouraging/endorsing hate speech, violation of human rights and/or utterances of a defamatory nature. If the content contained herein violates any of your rights, including those of copyright, and/or violates any the above mentioned factors, you are requested to immediately notify us using via the following email address operanews-external(at)opera.com and/or report the article using the available reporting functionality built into our Platform See More