Avatar photo

By Hein Kaiser

Journalist


Govt can’t keep you safe: IT vulnerabilities could collapse SA in 3 days

South Africa’s government servers have over 10 000 vulnerabilities, exposing critical data to potential cyberattacks.


Millions of South Africans’ personal details, sensitive state information, and other critical data are at risk of being compromised.

An investigation into the digital security of government servers has shockingly revealed more than 10 000 unprotected entry points through which hackers could potentially exfiltrate sensitive information.

Disturbingly, the gov.za domain, used by governmental institutions in South Africa, is the main conduit to these vulnerabilities.

A The Citizen investigation revealed a potentially dismal picture of cybersecurity that may seem compliant on the surface, but lacks the robustness to resist most kinds of online attacks.

ALSO READ: CYBER ATTACKS: ‘Open’ home affairs systems could spark large-scale identity theft

‘South Africa could be taken down in three days’

Some firewalls to protect IT systems are in place but, overall, there’s a weakness in the national armour, according to the hacking expert.

The chief executive of cyber security operation Scarybyte, Karim Jaber, said if a dedicated group of hackers waged war on South Africa, the country could be taken down in three days.

“From critical infrastructure to essential services like home affairs could be hacked,” he said.

According to an expert who wanted to remain anonymous and who demonstrated vulnerabilities to The Citizen, home affairs represents one of the largest risks, with more than 10 000 possible points of digital entry into the system.

ALSO READ: CYBER ATTACKS: Why SA government has a data security crisis

An access point, he said, is like a porous border post. There may be a firewall or border management agents present, but it does not stop anyone from charging at the border and getting through.

Home Affairs Minister Leon Schreiber said he has been concerned from the get-go.

“From day one of my appointment, I have said that the wholesale digital transformation of home affairs is our single most urgent priority: both to unlock the opportunities of technology and to deal with the threats.”

ALSO READ: CYBER ATTACKS: A history of hacks show data breaches are ‘taken too lightly in SA’

What all the terminology means in plain language

FIREWALL

A firewall is like a metro police member at a roadblock. Motorists with expired licences or outstanding fines are not let through.

So, too, a firewall allows legitimate data through the roadblock it creates digitally, while stopping anything suspicious.

WHITE HAT HACKER

A hacker for the good side. This means that they test systems for vulnerabilities, for example, to help identify weaknesses that their opposites, black hat hackers, could exploit.

ENTRY POINTS

Digital entry points in a digital environment are like open doors or windows in your house. They are the entry points that allow bad guys, in this instance, potential hackers, to gain entry.

These can include poorly secured or devised passwords, software that’s old, exposed APIs or unencrypted data connections that create vulnerabilities in a digital network.

IT

Short for information technology and loosely refers to anything to do with computers, computing and software.

SUBDOMAINS

Subdomains are extensions of a main website address, like branches of a retail chain. For example, shoppingspree.co.za’s subdomain could be shoppingspree.nosering.co.za which is a subdomain of the main site.

ALSO READ: ‘Killer Stories’ digs deep into South Africa’s most notorious crimes

They are used to organise or separate different sections of a website by adding extensions that can easily be understood.

IP ADDRESS

Like an ID number that belongs just to you, or a cellphone number, an IP (internet protocol) address serves to identify specific websites, computers or servers. This makes it possible for other devices to easily find and then communicate with each other.

PORTS AND OPEN PORTS

A port on a device is like an entry point that allows data to flow in and out, almost like a door connecting the device to the internet. When a port is open. It is actively accepting connections from, for example, the internet.

This is needed to operate certain devices but if it is not properly policed, they can become open invitations to hackers.

PHISHING

Phishing is loose term for a digital attack where scammers trick people into revealing sensitive information, such as passwords or bank details. These types of e-mails are often found in inboxes, for example fake Sars or bank e-mails.

By posing as trusted organisations, often through these fake e-mails or websites, people are duped out of large sums of money.

For more news your way

Download our app and read this and other great stories on the move. Available for Android and iOS.