Justice department suffers another cyber attack

Admire Moyo
By Admire Moyo, ITWeb's news editor.
Johannesburg, 24 May 2024
The justice department has assembled a forensic team to investigate any suspicious activity arising from the cyber attack.
The justice department has assembled a forensic team to investigate any suspicious activity arising from the cyber attack.

The Department of Justice and Constitutional Development (DJ&CD) has suffered a cyber security incident affecting child maintenance payments.

In a statement yesterday, the department advised the public its electronic payment system for third-party funds, including child maintenance, has been temporarily suspended following attempts to compromise the system.

According to the department, an investigation is under way to assess potential breaches to the system.

“In light of this development, child maintenance beneficiaries are urged to promptly visit their nearest court with their original identity documents to receive manual payments until the electronic service is fully restored,” reads the statement.

The department says it has assembled a forensic team to thoroughly investigate any suspicious activity.

“We are committed to continually fortifying our systems to prevent and mitigate the risk of future breaches. We sincerely apologise to all beneficiaries for any inconvenience caused and deeply appreciate the patience and understanding during this period.”

In 2021, the government entity was hit by a ransomware attack that led to all information systems being encrypted and unavailable to internal employees, as well as members of the public.

As a result, all electronic services provided by the department were affected, including the issuing of letters of authority, bail services, e-mail and its website.

Following the attack, the department said it planned to invest a portion of its 2022/2023 budget to strengthen its cyber security, to avoid another cyber attack on its IT systems.

The ransomware attack resulted in the Information Regulator slapping the department with a R5 million fine for breaching South Africa’s data privacy law, the Protection of Personal Information Act (POPIA).

At least 1 200 files containing the names, banking details and contact details of those who had submitted personal information to the DoJ&CD were compromised during the ransomware attack.

The attack also spilled over to the office of the Information Regulator, disrupting the watchdog’s IT systems. This resulted in the regulator’s website being unavailable for three days, while the e-mail system went offline.

The regulator said it issued the enforcement notice following the finding of the contravention of various sections of POPIA by the DOJ&CD.

The enforcement notice had required the DoJ&CD to submit proof to the regulator within 31 days of receipt of the notice that the Trend Anti-Virus licence, the SIEM licence and the intrusion detection system licence have been renewed.

It also required the department to institute disciplinary proceedings against the official/s who failed to renew the licences, which are necessary to safeguard the department against security compromises.

Under attack

South African organisations, especially government entities, are increasingly being targeted by cyber criminals.

The Council for Scientific and Industrial Research estimates financial losses of up to R2.2 billion per annum to the South African economy as a result of cyber crime.

Last month, the International Trade Administration Commission of South Africa fell victim to a cyber attack.

In March, the Companies and Intellectual Property Commission (CIPC) reported an “attempted security breach” that exposed the personal information of employees and clients.

The CIPC is an agency of the Department of Trade, Industry and Competition in SA. It is responsible for the registration of companies, co-operatives and intellectual property rights (trademarks, patents, designs and copyright) and maintenance thereof.

The Government Employees Pension Fund – Africa’s largest pension fund with more than 1.2 million active members, in excess of 450 000 pensioners and beneficiaries, and assets worth more than R1.61 trillion – was also recently targeted by cyber criminals.

Information Regulator chairperson advocate Pansy Tlakula previously stated that data breaches were rising at an alarming rate, with the information watchdog receiving more than 150 data breach notifications a month.