SARS maintains strong cyber security stance

Simnikiwe Mzekandaba
By Simnikiwe Mzekandaba, IT in government editor
Johannesburg, 25 Oct 2023
SARS commissioner Edward Kieswetter.
SARS commissioner Edward Kieswetter.

Despite being a target for cyber criminals, the South African Revenue Service (SARS) has had “zero ICT security breaches” from known risks, to date.

SARS commissioner Edward Kieswetter revealed this during a presentation of the tax authority’s 2022/23 annual report to Parliament’s Standing Committee on Finance last week.

During the briefing, Kieswetter’s presentation showed “nil” security breaches from known risks during the 2021/2022 and 2022/23 financial years. It also showed that reported phishing sites were taken down, blocking viruses on SARS workstations and e-mails containing viruses.

According to the commissioner, cyber criminals make continuous attempts to access SARS systems, but “thankfully” there were no security breaches for the period under review.

Kieswetter commented that risks change all the time, so SARS cannot relax in this area. “We have to remain vigilant because SARS is a target for cyber criminals. To get access to our data gives them huge advantage, not against people only, but also access to the fiscal resources of South Africa.

“We are very pleased that, at the moment, we’ve been able to maintain this. Building this capability and choosing the appropriate partners is key.”

The tax authority collects over 90% of the revenue required by government to serve the South African population.

According to Kieswetter, sometimes procurement systems don’t help in being agile enough in this regard, but SARS has strengthened this by bringing a lot of the capability inhouse and developing a different way of engaging on a more agile basis with service providers.

Securing SARS’s ICT systems is an evolving area of work and the revenue service acts with great intent, he noted.

SARS invested R646 million in ICT in the 2022/23 financial year, according to the commissioner, to ensure mission-critical infrastructure and systems remain operable.

South African government departments and entities have increasingly become attractive targets for attackers, due to the wealth of information they possess.

Israeli-based cyber security firm Check Point Software Technologies says governments are prime cyber attack targets for a variety of reasons.

According to the firm, these include the fact that governments have access to highly-sensitive data and control critical infrastructure that can be disrupted by cyber attacks. Additionally, government agencies may be targeted by hacktivists with political motivations, it notes.

A report by US-based cyber security firm Trellix revealed the public sector is a key target of cyber attacks in South Africa, with 26% of threats detected in the second quarter of this year aimed at government departments.

In 2021, SA’s Department of Justice and Constitutional Development was hit by a cyber attack that crippled its IT systems for several days. The Western Cape Provincial Parliament also fell prey to cyber criminals and the State Security Agency was reportedly hacked in August.