State entity Itac hit by ransomware attack, alert issued to stakeholders
When the information technology team became aware of the breach, the affected servers were immediately shut down and backups were restored.
Picture for illustration purposes. Picture – iStock
The International Trade Administration Commission (Itac) suffered a ransomware attack in January and has alerted its stakeholders to the risk that their personal information may have been extracted.
It has since upgraded its firewall and antivirus measures and reported the security breach to the relevant authorities for further investigation.
ALSO READ: Justice dept hack: Court cases delayed after ransomware attack
Ayabonga Cawe, Itac’s chief commissioner and information officer, says the delay in alerting stakeholders was due to the need to investigate the security compromise and restore the integrity of its systems.
Itac says it considered it “vital” not to pre-empt the investigations that were initiated once its information technology team became aware of the security compromise.
“If you have engaged with Itac recently, treat any communications you may receive from anyone purporting to be from Itac with extra vigilance and caution,” says Cawe in a media statement.
Confidential information
Trade lawyers who regularly engage with Itac have since established that the perpetrator has not downloaded the personal information, reducing the risk somewhat.
ALSO READ: Child maintenance payments to be delayed after ‘ransomware attack’
All applications for trade remedies by local companies and responses from importers and exporters are submitted in confidential and non-confidential format.
This means that confidential data, such as financial statements and management accounts, are kept on Itac servers. Companies ideally want to keep this information confidential, says Francois Dubbelman, founder of FC Dubbelman & Associates.
Donald MacKay, founder of XA Global Trade Advisors, says they were unaware of the cyberattack but expressed concern about their clients’ information potentially being compromised.
Itac says its data files were encrypted, and users were locked out of its systems. The “malicious actors” demanded a ransom payment in exchange for restoring access or decrypting the files.
ALSO READ: Ransomware attack interrupts justice department’s IT system
“The type of information held on Itac’s servers include personal information relating to Itac’s employees, service providers, importers, exporters and other stakeholders.”
Closing the gaps
When the information technology team became aware of the breach, the affected servers were immediately shut down and backups were restored.
Itac has also appointed a forensic service provider to conduct “vulnerability and penetration testing” to determine and close the gaps in its systems.
ALSO READ: Government Pensions Administration Agency hacked – payments unaffected
“We assure you that we have taken all the reasonable steps to contain the security compromise and to reduce the likelihood of similar incidents occurring in the future.”
Itac is working closely with the Information Regulator to ensure the security breach is properly addressed. It adds that it does not wish to create this experience for its stakeholders.
Government departments at risk
Moneyweb earlier reported on the high risk of cyber attacks on government departments and entities due to years of underinvestment in security systems, outdated technology, and incompetent IT security staff.
The Itac incident comes shortly after the Companies and Intellectual Property Commission (CIPC) suffered an attack on its database in March, and the Department of Justice has been a regular target.
ALSO READ: CIPC says it is not first to be hacked, starts new customer verification process
In April last year, the Master of the High Court office in Pietermaritzburg discovered an illegal breach of the Guardian Fund System, which resulted in more than R17 million being lost from the Guardian’s Fund. Transnet has also fallen prey to hackers.
Anna Collard, a security expert at KnowBe4 Africa, previously told Moneyweb that cyber attacks on the public sector impact the whole country.
This article was republished from Moneyweb. Read the original here
For more news your way
Download our app and read this and other great stories on the move. Available for Android and iOS.