Situation under control at civil aviation authority
The South African Civil Aviation Authority (SACAA) says it is conducting tests on its ICT infrastructure following a suspected breach that led to the disconnection of two servers from its network.
According to weekend reports, SACAA cited hacking as the reason behind the disconnection of the servers.
However, the aviation authority says hacking is not the correct description of what transpired on Monday last week, but on closer inspection, “some files had suspicious characteristics”, raising concerns for the organisation.
SACCA is a government statutory authority, which maintains an aircraft register and oversees the approval and regulation of civil aviation, and any breach on its system could be catastrophic to the country.
SACAA spokesperson Kabelo Ledwaba tells ITWeb that on the morning of Monday, 1 July, SACAA learned that some of its ICT systems did not launch and operate as per the norm.
He says: “On closer inspection by the relevant ICT personnel, it was noted that some files had suspicious characteristics, which are regarded as anomalies from an ICT perspective.”
Ledwaba says upon conducting a preliminary investigation, “it was decided that some servers should be disconnected from the network in order to address these anomalies”.
SACAA is still able to service clients, although in some instance services will be slower, he adds.
“The SACAA can confirm the situation is under control. As such, services are continuing as per the norm; however, some of the services are now being offered manually and, therefore, a bit slower than usual. It must be emphasised that the perception that there is a total shutdown of services is absolutely not true,” he says.
Ledwaba adds that the decision to shut down the servers has no bearing on SACAA’s ability to oversee a safe and secure air transport network.
Furthermore, he explains that as a rule, SACAA’s management does not take matters such as this lightly.
“An internal investigation was launched. In addition, as required by relevant legal prescripts, the SACAA notified all the relevant state security authorities about the matter for their consideration, analysis and possible investigation. An investigation was subsequently launched. It is only after the conclusion of the current ongoing investigation that we will know, with absolute certainty, if indeed there was an individual or individuals that may have deliberately attempted to disrupt the SACAA’s services,” he explains.