Another state entity hit
HACKED: TRADE ADMINISTRATION COMMISSION UPGRADES ITS CYBERSECURITY
Itac says its data files were encrypted and users were locked out of its systems.
The International Trade Administration Commission (Itac) suffered a ransomware attack in January. It has upgraded its firewall and antivirus measures and reported the security breach to the relevant authorities for further investigation.
Ayabonga Cawe, Itac’s chief commissioner and information officer, says the delay in alerting those who might be impacted was due to the need to investigate the security compromise and restore the integrity of its systems.
Itac says it considered it “vital” not to pre-empt the investigations initiated once its information technology (IT) team became aware of the security compromise.
“If you have engaged with Itac recently, treat any communications you may receive from anyone purporting to be from Itac with extra vigilance and caution,” says Cawe in a media statement.
Confidential information
Trade lawyers who regularly engage with Itac have established that the perpetrator has not downloaded any personal information, reducing the risk somewhat.
All applications for trade remedies by local companies and responses from importers and exporters are submitted in confidential and non-confidential format.
This means data, such as financial statements and management accounts, are kept on Itac servers.
Companies ideally want to keep this information confidential, says Francois Dubbelman, founder of FC Dubbelman & Associates.
Donald MacKay, founder of XA Global
Trade Advisors, says they were unaware of the cyberattack but expressed concern about their clients’ information potentially being compromised.
Itac says its data files were encrypted, and users were locked out of its systems. The “malicious actors” demanded a ransom payment in exchange for restoring access or decrypting the files.
“The type of information held on Itac’s servers includes personal information relating to Itac’s employees, service providers, importers, exporters and other stakeholders.”
Closing the gaps
When the IT team became aware of the breach, the affected servers were immediately shut down and backups were restored.
Itac has also appointed a forensic service provider to conduct “vulnerability and penetration testing” to determine and close the gaps in its systems.
“We have taken all the reasonable steps to contain the security compromise and to reduce the likelihood of similar incidents occurring in the future.”
Itac is working closely with the Information Regulator to ensure the security breach is properly addressed.
Government departments at risk
Moneyweb earlier reported on the high risk of cyberattacks on government departments and entities due to years of underinvestment in security systems, outdated technology, and incompetent IT security staff.
The Companies and Intellectual Property Commission suffered an attack on its database in March, and the department of justice has been a regular target.
In April last year, the Master of the High Court office in Pietermaritzburg discovered an illegal breach of the Guardian Fund System, which resulted in more than R17 million being lost.
Transnet has also fallen prey to hackers.
Anna Collard, a security expert at KnowBe4 Africa, previously told Moneyweb that cyberattacks on the public sector impact the whole country.