The Department of Justice in South Africa has suffered its third cyber breach in three years, resulting in the theft of millions of rand. The hackers targeted the department’s Guardian’s Fund, making off with R18 million. The attack took place on April 6, but the breach was only discovered and reported five days later.
As a result of the cyberattack, payments from the affected offices were suspended pending investigation. The department has faced criticism for its handling of the breach, with allegations of negligence and concerns about internal communication.
The Guardian’s Fund, responsible for managing funds on behalf of individuals incapable of managing their own affairs, had over R17 billion in reserves invested with the Public Investment Corporation. The department confirmed the cyberattack and initiated an investigation involving the Hawks, the Financial Intelligence Centre, and an internal forensic team.
Furthermore, the spokesperson for the department emphasized their efforts to strengthen cybersecurity controls, including infrastructure renewal, external expertise, vulnerability assessments, and staff training.
This latest breach is reminiscent of a previous attack in September 2020, in which thieves siphoned R10 million from the department. Subsequently, the department's IT systems were encrypted in a major incident, disrupting court operations and vital processes.
At the same time, the Information Regulator found the department guilty of negligence for failing to prevent the data breach and for losing sensitive files. The regulator ordered the department to renew software licenses, take disciplinary action against implicated officials, and improve IT system safeguards.
Cybersecurity experts stress the need for a proactive, multilayered approach to cybersecurity, considering both external and internal threats. They suggest that government infrastructure in South Africa is increasingly vulnerable to severe cyberattacks.
The recent case of Postbank, where cybersecurity measures were enhanced to prevent fraud and vulnerabilities, serves as a reminder of the importance of robust security measures. A comprehensive approach that incorporates advanced technology, skilled personnel, and stringent procedures is necessary to mitigate risks and protect sensitive data.