A cybersecurity company has raised concerns about cybercrime and the recent efforts of hacking group SpiderLog$, which pointed out glaring vulnerabilities in the security systems used in South African government departments.
SpiderLog$ was able to obtain private data of President Cyril Ramaphosa, including details of a loan he took out from a South African bank in the 2000s, his home address, ID number, and cellphone numbers.
Additionally, the group produced screenshots showing it could gain entry to the webmail interface of the defence and state security departments (making it possible to access sensitive and military information), as well as identify the private IP addresses of the government’s servers, their domains, and Internet service providers.
Pankaj Bhula, Regional Director for Africa at Check Point Software this recent activity shows that no one – not even the President of South Africa – is immune to cybercrime,”
“SpiderLog$ has shown that the state is worryingly vulnerable to cyberattack, with the group even expressing that South Africa is a ‘playground for hackers.’ This should serve as a stark reminder to all organisations to up their cybersecurity game.”
Government departments have become prime targets for cybercrime, owing to the wealth of information they have on citizen activity and government operations.
One of the biggest threats to governments of all sizes remains ransomware – as seen in the September 2021 attack on the Department of Justice, and the July 2021 attack on state-owned Transnet SOC Ltd.
To fend off cybercriminals, government departments need to move beyond traditional security methods, with tools that prioritise prevention over detection.
Check Point Software said the security deployed by most government departments today is lagging behind and incapable of protecting against today’s advanced ‘Gen V’ attacks – large-scale and multi-vector mega attacks capable of causing large data breaches and major damage.
“Closing this security gap requires government departments to urgently upgrade and consolidate their security architecture, and work with vendors that have Common Criteria certification to ensure the highest security standards.”
“By implementing threat prevention across all attack surfaces (networks, cloud and mobile) and automatic, real-time sharing of threat intelligence, departments can reduce their vulnerability to large-scale cyberattacks,” Check Point Software said.
Meanwhile, the South African Post Office (Sapo) has warned customers about a new scam designed to mislead members of the public to pay money into a fraudulent account and share details of their credit card.
Customers are sent an email informing them of a package that must be collected from the Post Office.
It provides a reference number, the amount that needs to be paid before collection, the date and with the comment, “still awaiting your instructions.”
Below the details of the collection, is a highlighted instruction “send my package” which includes a hyperlink that is deemed to be a URL that leads to a spoof website to scam customers.
A tell-tale sign that the email is fake and is part of cybercrime, is the email address the email originated from with a spelling error in the word post office.
“Post office firstname.lastname@example.org”
The SA Post office said the emails and SMS messages appear to originate from the post office when in fact they have no connection with the post office.
“Clicking on the link in the message leads the user to a payment page where they are asked to deposit money into an account to ‘release’ a package. In several instances a form is included asking for the card number and the CVV number on the back.”
“The combination of the card number and CVV number are required for online purchases. If you share these details with the scammer, they may be able to use your account to its credit limit,” the post office said.