Avatar photo

By Amanda Visser

Moneyweb: Journalist

State entity Itac hit by ransomware attack, alert issued to stakeholders

When the information technology team became aware of the breach, the affected servers were immediately shut down and backups were restored.

The International Trade Administration Commission (Itac) suffered a ransomware attack in January and has alerted its stakeholders to the risk that their personal information may have been extracted.

It has since upgraded its firewall and antivirus measures and reported the security breach to the relevant authorities for further investigation.

ALSO READ: Justice dept hack: Court cases delayed after ransomware attack

Ayabonga Cawe, Itac’s chief commissioner and information officer, says the delay in alerting stakeholders was due to the need to investigate the security compromise and restore the integrity of its systems.

Itac says it considered it “vital” not to pre-empt the investigations that were initiated once its information technology team became aware of the security compromise.

“If you have engaged with Itac recently, treat any communications you may receive from anyone purporting to be from Itac with extra vigilance and caution,” says Cawe in a media statement. 

Confidential information

Trade lawyers who regularly engage with Itac have since established that the perpetrator has not downloaded the personal information, reducing the risk somewhat.

ALSO READ: Child maintenance payments to be delayed after ‘ransomware attack’

All applications for trade remedies by local companies and responses from importers and exporters are submitted in confidential and non-confidential format.

This means that confidential data, such as financial statements and management accounts, are kept on Itac servers. Companies ideally want to keep this information confidential, says Francois Dubbelman, founder of FC Dubbelman & Associates. 

Donald MacKay, founder of XA Global Trade Advisors, says they were unaware of the cyberattack but expressed concern about their clients’ information potentially being compromised.  

Itac says its data files were encrypted, and users were locked out of its systems. The “malicious actors” demanded a ransom payment in exchange for restoring access or decrypting the files.

ALSO READ: Ransomware attack interrupts justice department’s IT system

“The type of information held on Itac’s servers include personal information relating to Itac’s employees, service providers, importers, exporters and other stakeholders.”

Closing the gaps

When the information technology team became aware of the breach, the affected servers were immediately shut down and backups were restored.

Itac has also appointed a forensic service provider to conduct “vulnerability and penetration testing” to determine and close the gaps in its systems.

ALSO READ: Government Pensions Administration Agency hacked – payments unaffected

“We assure you that we have taken all the reasonable steps to contain the security compromise and to reduce the likelihood of similar incidents occurring in the future.”

Itac is working closely with the Information Regulator to ensure the security breach is properly addressed. It adds that it does not wish to create this experience for its stakeholders.

Government departments at risk

Moneyweb earlier reported on the high risk of cyber attacks on government departments and entities due to years of underinvestment in security systems, outdated technology, and incompetent IT security staff.

The Itac incident comes shortly after the Companies and Intellectual Property Commission (CIPC) suffered an attack on its database in March, and the Department of Justice has been a regular target.

ALSO READ: CIPC says it is not first to be hacked, starts new customer verification process

In April last year, the Master of the High Court office in Pietermaritzburg discovered an illegal breach of the Guardian Fund System, which resulted in more than R17 million being lost from the Guardian’s Fund. Transnet has also fallen prey to hackers. 

Anna Collard, a security expert at KnowBe4 Africa, previously told Moneyweb that cyber attacks on the public sector impact the whole country.

This article was republished from Moneyweb. Read the original here

Read more on these topics

Cybercrime hacking