Public works and infrastructure minister Sihle Zikalala has enlisted the services of the Hawks, South African Police Services, and experts in the ICT and cyber security industry to investigate his department’s IT systems.
This, after the department’sbanking partners, including Absa and the South African Reserve Bank, identified vulnerabilities, says a statement from the ministry.
The ministry has not revealed the extent of the vulnerabilities, but says the full forensic investigation will cover the vulnerability and resilience of ICT infrastructure within the department, capacity of staff and ICT systems, as well as improvement of internal controls.
“Minister Zikalala is concerned that the department may be becoming a soft target for increasingly sophisticated cyber crimes due to the nature of its business. The department is at this stage quantifying the impact of the vulnerabilities and with the support of experts build its cyber resilience capabilities.”
The Department of Public Works and Infrastructure is mandated to provide strategic leadership to the South African construction and property industries, ensuring compliance to policy and legislative prescripts for the management of state-owned and leased-in immovable assets and the South African construction and property sectors.
It also provides direction on the integration of public works priorities, contributing to the national goals of job creation and poverty alleviation through public works programmes.
The department notes the investigations will have implications for the processing of payments to creditors and beneficiaries.
Resultantly, it has appealed to all its partners for patience as it “undertakes measures to protect itself, state resources and its clients from cyber criminals”.
South African organisations, especially government entities, are increasingly being targeted by cyber criminals.
The Council for Scientific and Industrial Research estimates financial losses of up to R2.2 billion per annum to the South African economy as a result of cyber crime.
Last month, the International Trade Administration Commission of South Africa became the latest government entity to fall victim to a cyber attack.
In March, the Companies and Intellectual Property Commission (CIPC) reported an “attempted security breach” that exposed the personal information of employees and clients.
The CIPC is an agency of the Department of Trade, Industry and Competition in South Africa. It is responsible for the registration of companies, co-operatives and intellectual property rights (trademarks, patents, designs and copyright) and maintenance thereof.
The Government Employees Pension Fund – Africa’s largest pension fund with more than 1.2 million active members, in excess of 450 000 pensioners and beneficiaries, and assets worth more than R1.61 trillion – was also recently targeted by cyber criminals.
Information Regulator chairperson advocate Pansy Tlakula previously stated that data breaches were rising at an alarming rate, with the information watchdog receiving more than 150 data breach notifications a month.
Share