Sipho Mabena
Premium Journalist
3 minute read
25 Mar 2020
7:00 pm

Government’s small business Covid-19 assistance website a dangerous mess

Sipho Mabena

Web developers have found that the site was seriously lacking on security and could have exposed the private details of those who had already registered on the site to malicious actors.

The security vulnerabilities in the government's SMMESA website were glaring, before it was unexpectedly pulled following the Citizen's enquiry.

Sensitive and private business data of unsuspecting small businesses could have been compromised, with an independent assessment of government’s Covid-19 Debt Relief Fund online application website finding that it was “a hacker’s picnic paradise”. Not only does the SMMESA.gov.za site, which was launched by the small business development department this week to create a database for distressed businesses, use “outdated software”, but it was extremely vulnerable to hacking, susceptible to cloning, had no security updates and is therefore open for interception. Lec Marketing, a Cape Town-based web development company, conducted the assessment and found that that if the site was...