Local cyber security experts suspect the break-in at Interpol's Pretoria offices was most likely the work of an organised group of criminals, seeking to get their hands on sensitive information. However, they say it is too early to speculate about whether an international crime syndicate might be involved.
According to a Times Live article this morning, among the items stolen during the weekend robbery are five laptops, cameras and data storage devices. It is understood that none of the laptops had "active security codes".
Police fear the theft of the data could compromise high-profile investigations "relating to the extradition of international criminal suspects, including Nigerian drug syndicates and organised Russian, Ukrainian and Chinese gangs", Times Live reports.
It is understood the equipment was stolen during two burglaries at the weekend, with police sources saying the first occurred on Saturday and the second on Sunday. The burglars allegedly had access cards and key codes to the offices, gaining entry into the building and offices used by three colonels and two captains.
Police are yet to establish which laptops were taken, and how many of these were private or state-owned, as well as exactly what data they carried. However, Times Live says one of the officers whose computer was stolen was involved in the extradition of George Louka, from Cyprus to SA. Louka stands accused of killing Teazers owner Lolly Jackson, in 2010.
Not after laptops
Gareth Newham, head of the Institute for Security Studies' governance, crime and justice division, says it is difficult to comment on an ongoing investigation, but notes the fact the burglars had access cards and key codes means it was a highly-organised group.
"We don't know exactly what happened yet, but it would be a serious breach if the stolen information was related to the movement of international criminals. Until we find out what happened, it is difficult to speculate about the purpose of the burglary," he states.
However, Newham says it is also not known whether the criminals obtained access cards and key codes via stealth or from someone within the police. He also points out it would depend on the type of data involved as to whether it needed to be encrypted or not.
"If it was formally classified, then it should have been encrypted, but it's hard to tell at this stage. We need to know exactly what was stolen to determine what they were after," Newham says. He concedes the level of sophistication of the burglary suggests the criminals were after more than just the equipment.
A question of skills?
Manuel Corregedor, operations manager at Wolfpack Information Risk, says there is a known skills shortage within local police and a lack of awareness in terms of risks associated with cyber security.
The use of access cards and key codes during the robbery points to an insider threat, he says, adding the information contained on the stolen devices should have been encrypted. "It is unfortunate that this happened, but even if the data was not stored on mobile devices, it should have been encrypted."
SensePost CTO Dominic White argues the seriousness of the breach would depend on how well the data was protected. Data protection, he adds, would especially be vital in the case of laptops, which by their nature are mobile devices.
White is loath to blame a data breach on a lack of ICT skills within the local police or the local Interpol office specifically, saying a lack of cyber security expertise is a worldwide phenomenon. He points out there are indeed some high-skilled people to be found within the various specialised units of the South African Police Service.
On Monday, police management reportedly ordered an internal investigation into the break-in and the officers whose offices were broken into took a polygraph test yesterday to rule out their involvement.
Share