Business Maverick


Hack attack: Department of Justice and SA Space Agency say no ransom demands made after IT breaches

Hack attack: Department of Justice and SA Space Agency say no ransom demands made after IT breaches
Adobe Stock | Unsplash | Shipping containers on the dockside at the Port of Durban, operated by Transnet in Durban, South Africa. (Photo: Waldo Swiegers / Bloomberg via Getty Images)

On Monday, 6 September, two South African government agencies were almost simultaneously hit by cyberattacks on their information systems. Although no clear link between the breaches at the SA National Space Agency and the Department of Justice has been established, no ransom demands were made on either of the agencies.

The South African National Space Agency (Sansa) told Business Maverick on Friday that the IT breach was only of publicly available information. 

“We received a notification that there was a possible breach of our IT system, but our internal investigations found that the data that was shared in the public domain comes from our FTP server, which is already in the public domain. So there was no breach of our firewall,” said a spokesperson at Sansa.

File Transfer Protocol (FTP) servers facilitate transfers of large data files across the internet, serving as the midpoint between uploading and downloading of information. There are concerns that its reliance on usernames and passwords for authentication leaves it open to basic cyberattacks. Sansa’s FTP server is not encrypted, heightening the risk of hacks. 

“The public server is not encrypted since it is normally only used for public domain files, and therefore made use of anonymous FTP access,” the Sansa official said.   

A leak site called CoomingProject posted some of the data online and boasted about the breach. The group seems to have recently emerged, initially targeting French-speaking European countries, but it is spreading its wings, saying online that it planned attacks on Iraq.      

“Sansa has not been contacted with any ransom demands. We actually learnt through the media about this organisation claiming responsibility. The data that was shared mostly consists of research data, some research papers and other miscellaneous files. There were some… that contained personal information, but we’re dealing with those issues,” said the Sansa representative. 

The Department of Justice confirmed on Thursday that its systems had been breached last Monday, leading to “all information systems being encrypted and unavailable to both internal employees as well as members of the public”. The department told Business Maverick it had not received any ransom demands.

“We haven’t paid and nobody has requested any money from us,” said Steve Mahlangu of the DOJ. “We don’t have any information for now (about the identity of the hackers). Our IT guys believe it was done through a phishing email.”

Cybersecurity experts have previously warned that such incidents would likely increase in SA with more focus on state entities, such as the July cyberattack on Transnet’s port facilities.

“Utilities and other national critical infrastructures are vulnerable to attacks because of the essential services they offer – be it water or electricity supply, or transport in the case of Transnet. They are often exclusive suppliers of these services, thus offering a single point of failure,” said Tiaan van Schalkwyk, a cyber risk specialist at Deloitte Africa.

Based on the trends we’re seeing, there is still some degree of indiscriminate attacks on state-owned companies, which means they were not specifically targeted but that the cyber-criminals opportunistically attacked them,” said van Schalkwyk.

A 2020 report by Interpol found that South Africa had suffered around $157-million (R2.2-billion) in economic losses due to cyberattacks. BM/DM


Comments - Please in order to comment.

Please peer review 3 community comments before your comment can be posted

MavericKids vol 3

How can a child learn to read if they don't have a book?

81% of South African children aged 10 can't read for meaning. You can help by pre-ordering a copy of MavericKids.

For every copy sold we will donate a copy to Gift of The Givers for children in need of reading support.

A South African Hero: You

There’s a 99.8% chance that this isn’t for you. Only 0.2% of our readers have responded to this call for action.

Those 0.2% of our readers are our hidden heroes, who are fuelling our work and impacting the lives of every South African in doing so. They’re the people who contribute to keep Daily Maverick free for all, including you.

The equation is quite simple: the more members we have, the more reporting and investigations we can do, and the greater the impact on the country.

Be part of that 0.2%. Be a Maverick. Be a Maverick Insider.

Support Daily Maverick→
Payment options