Cyber attack on Justice Dept spills over to SA's new information watchdog
The Department of Justice and Constitutional Development announced last Thursday (9 September) that its IT system had been hacked. The latest security breach follows a cyber attack on port operator Transnet. Information systems were unavailable to both employees and the public. Services affected included the issuing of letters of authority, bail services and e-mail. The Department said the breach was affected through ransomware. South Africa's new Information Regulator says this cyber attack spilled over to its operations.
The body's email system went offline and its website was down for three days. “The regulator has written to DOJ&CD to remind them of their obligations in terms of Section 22 of the Protection of Personal Information Act, which requires responsible parties to notify the regulator and the data subject where reasonable grounds exist and the personal information of a data subject has been accessed or acquired unlawfully.”
Bruce Whitfield interviews Jayson O'Reilly, General Manager of Atvance Intellect. The cybersecurity expert says this trend will continue as the use of ransomware spikes globally and organisations practise different levels of protection.
What we are seeing is that the automated attack that is being used is effectively starting to breach organisations that are not practising what we would term as security hygiene or just the basics of getting that right.
77% of all data breaches come from social engineering as well as phishing scams, according to a large global security awareness provider's stats. All organisations need to prioritise their efforts to protect themselves against being hacked, he says.
One of the techniques we talk about is obviously this counterterrorism thinking - you need to understand your adversary, you need to know how they're going to target your organisation... Doing the same thing and expecting a different result is something we cannot do.
The techniques that we are seeing being used are not ones of sophistication. It is utilising the easier techniques, so the more you understand how susceptible you are to ransomware the easier it will be for you to prioritise your efforts, spend your money in the right place - whether you're a government entity or a small business or large enterprise.
We're seeing organisations are not spending enough time on that. They're spending time on things like threat hunting inside of their environments... and alternatively really just hoping that they're not going to get hit. I think that time is slowly but surely disappearing.
to connect with our expert