Hack attack

South Africa can ill afford the growing targeting of critical infrastructure [View this email in your browser]( September 14, 2021 [Mail & Guardian]( [Mail & Guardian]( [Twitter]( [Facebook]( [Instagram]( [YouTube]( Hi there, Nearly a year ago to the day last year, Sabelo Skiti came across a very curious story. Last September, Skiti reported that Absa bank and the department of justice were investigating the theft of R10-million stolen in a[daring hack of the Guardian’s Fund’s accounts]( in the Pietermaritzburg master of the court offices. The Mail & Guardian learned that the department, together with Absa, was scrambling to try to recover the stolen funds after learning about the hack, a week after the fact. It is not clear exactly when the money was taken, but well-placed sources told the M&G the money was siphoned off in 11 transactions. The breach is believed to have emanated on Absa’s side, the sources said. The Guardian’s Fund falls under the master of the high court and was created to manage money on behalf of people who are legally incapable of managing their affairs. This includes minors, unborn heirs, and missing or absent persons. According to the government, money in the fund — about R13-billion in 2018, according to its annual financial statements for that year — is invested with the Public Investment Corporation and audited annually. The M&G has established that, beyond freezing the rest of the fund’s accounts, the chief master has taken possession of all employee desktops and laptops in the office as part of an investigation. The hope, sources said, is that the transfers can be reversed. The Guardian’s Fund is also administered in five other masters’ offices: Cape Town, Pretoria, Bloemfontein, Kimberley and Makhanda. Cybersecurity experts have previously warned that incidents of this sort would likely increase in South Africa with state entities — already legendary for their poor management and myriad issues — increasingly becoming the target. On 6 September this year, the justice department and [the National Space Agency were both attacked]( but no ransom demands were made on either of the agencies. State logistics company Transnet was also the subject of an attack in two months ago. On 22 July, it was initially reported that Transnet was experiencing problems with its information technology networks. Transnet manages the nation’s rail, port and pipeline infrastructure. The disruption primarily affected operations in several container terminals, interrupting cargo movement. Four days later, Transnet confirmed it had suffered a cyber attack. This attack, although unprecedented, was not unexpected. Since the beginning of the Covid-19 pandemic, the number of cyber attacks has been increasing worldwide and in South Africa, inflicting financial losses across the manufacturing, banking and energy sectors. South Africa’s critical infrastructure has been targeted before, with minor impact. The recent incident was the first time the operational integrity of the country’s critical maritime infrastructure has suffered a severe disruption. The company told staff not to use laptops, desktops, and tablets connected to the Transnet domain and not access work emails from their personal devices. On 27 July, Transnet declared force majeure, a common clause on contracts that frees all parties from liability when an extraordinary event occurs, an “act of God” or, more colloquially, a “get out of jail free” card. Most importantly, the container-handling facilities at Durban’s port were affected, significantly increasing logistical congestion. Durban hosts the busiest container port in sub-Saharan Africa, handling about 60% of South Africa’s container traffic. The port is also a logistics hub for the region, working as an artery for raw material exports from Zambia and the Democratic Republic of the Congo. The Transnet attack couldn’t have come at a more inopportune time: The country is recovering from the effects of the bloody unrest linked to former president Jacob Zuma’s arrest for contempt of court. The timing also raises suspicions that it may be linked to the attempted insurrection, although authorities do not believe these two events are connected. The Institute for Security Studies thinks these attacks on critical infrastructure, including maritime ports, are [likely to increase in severity and quantity](. We are inclined to believe this assessment. Cyber criminals are constantly adapting their approach and they could teach the government a thing or three about management. Durban harbour was ranked in the bottom three of the world’s 351 container-handling facilities in the World Bank’s Container Port Performance Index 2020. Transnet’s cyberattack will only add to the port’s woes and make competitors, like Walvis Bay in Namibia, more appealing. Incompetence is simply too expensive for South Africa to endure. Until tomorrow, Kiri Rupiah & Luke Feltham [Subscribe now]( Enjoy The Ampersand? Share it with your friends [Share]( [Share]( [Tweet]( [Tweet]( [Forward]( [Forward]( [Share]( [Share]( Copyright © 2021 Mail & Guardian Media LTD, All rights reserved. You are receiving this email because you opted in to receive communications from the Mail & Guardian either at our website or by taking out a print subscription. Our mailing address is: Mail & Guardian Media LTD 25 Owl St BraamfonteinJohannesburg, Gauteng 2001 South Africa [Add us to your address book]( Want to change which mails you receive from Mail & Guardian? [Update your preferences]( to tell us what you do and don't want to receive, or [unsubscribe](. *If you are a paying subscriber, we recommend updating your preferences rather than unsubscribing, as you may miss important information relating to your subscription.