SA government departments urgently need to address cybersecurity gaps

11 Jun 2022

Following the ransomware attack on the Department of Justice in 2021 – and the recent exposure of vulnerabilities by hacking group SpiderLog$ - it’s time for the government to bolster its efforts to fend off cyber attackers,

Check Point Software Technologies has monitored with concern the recent efforts of hacking group SpiderLog$, which pointed out glaring vulnerabilities in the security systems used by South African government departments.

SpiderLog$ was able to obtain private data of President Cyril Ramaphosa, including details of a loan he took out from a South African bank in the 2000s, his home address, ID number and cellphone numbers.

Additionally, the group produced screenshots showing it could gain entry to the webmail interface of the defence and state security departments (making it possible to access sensitive and military information), as well as identify the private IP addresses of the government’s servers, their domains and Internet service providers.

“This recent activity shows that no one – not even the President of South Africa – is immune to cybercrime,” says Pankaj Bhula, regional director for Africa at Check Point Software. “SpiderLog$ has shown that the state is worryingly vulnerable to cyber-attack, with the group even expressing that South Africa is a ‘playground for hackers.’ This should serve as a stark reminder to all organisations to up their cyber security game.”

Government departments have become prime targets for cybercrime, owing to the wealth of information they have on citizen activity and government operations. One of the biggest threats to governments of all sizes remains ransomware – as seen in the September 2021 attack on the Department of Justice, and the July 2021 attack on state-owned Transnet SOC Ltd.

To fend off cyber criminals, government departments need to move beyond traditional security methods, with tools that prioritise prevention over detection. The security deployed by most government departments today is lagging behind and incapable of protecting against today’s advanced ‘Gen V’ attacks – large-scale and multi-vector mega attacks capable of causing large data breaches and major damage.

Closing this security gap requires government departments to urgently upgrade and consolidate their security architecture, and work with vendors that have common criteria certification to ensure the highest security standards. By implementing threat prevention across all attack surfaces (networks, cloud and mobile) and automatic, real-time sharing of threat intelligence, departments can reduce their vulnerability to large-scale cyber-attacks.