South Africa’s IT agency employs hackers for protection

HumanIPO reported last week on the hacking of the SAPS website through a data dump, which saw exposure of the private information of numerous whistleblowers.

City Press reportedly alerted the City of Johannesburg in the same week of the SAPS website incident, that a security hole within a key online database exposed a large number of account and personal information belonging to ratepayers.

Mmakgosi Mosupi, executive for ICT service delivery for SITA, reportedly said the agency is currently reviewing the security mechanisms on every government website it hosts.

“The process involves doing penetration tests and vulnerability scans to close any loopholes. SITA has joined forces with other government institutions to mitigate against hacks and we are continuously monitoring websites for any abnormal activities,” said Mosupi.

“The process involves doing penetration tests and vulnerability scans to close any loopholes. SITA has joined forces with other government institutions to mitigate against hacks and we are continuously monitoring websites for any abnormal activities.”

City Press reported Phuti Setati, spokesperson and brigadier for the SAPS, initially insisted no confidential information was compromised and added the security hole was plugged by SITA.

According to Terence Nombembe, auditor general of South Africa, he has been lobbying government on both national and provincial levels about the lack of decent IT security. He added government did not have any framework to address IT systems related vulnerabilities.

“That’s where the loophole is at the moment. It’s basically rolling out the initiatives to those recommendations we made to departments, but vulnerability [to hackers] is still there because not all the departments have been able to respond with speed to this level of vulnerability,” City Press quoted Nombembe as saying.