The Western Cape Provincial parliament (WCPP) in South Africa revealed last week that they had experienced a cyber security breach, rendering its ICT services inaccessible.
In an announcement, it was shared that the process of recovering its systems would be done systematically and in a phased approach over several days. This is the latest in a series of cyber incidents affecting South Africa’s public sector. In July 2021, the country’s freight rail company, Transnet, fell victim to a ransomware attack and in August 2022, the SA Reserve Bank experienced an attempted hack.
Across other sectors, the second largest private hospital operator in SA – Life Healthcare Group – was hit by a cyber attack during the COVID-19 pandemic and they were forced to bring in external cyber security experts and forensic teams to assist with addressing the issue and It says authorities have since been alerted and, more recently, credit reporting agency TransUnion South Africa was compromised in March 2022. The incident affected at least 3 million South Africans. In June 2022, President Cyril Ramaphosa’s email was hacked, and this was reported as a significant threat to South Africa.
The WCPP incident aligns with recent Check Point Research, which outn South Africa. Similarly, during the first quarter of 2023, the government/military sector was the most heavily targeted by ransomware attacks globally, with an average of 1 out of every 20 organisations impacted on a weekly basis.
Looking at South Africa specifically, on average, there have been more than 1,352 attacks per week in the South Africa in the first quarter of 2023. This is marginally higher than the global average of 1,248 attacks per week. According to Pankaj Bhula: Check Point’s EMEA Regional Director: Africa, this event further underscores the need for companies and governments to not let their guards down. South Africa’s public and private sector must invest in robust cybersecurity infrastructure and promote a culture of cyber resilience. Building a cyber resilient esate based on prevention and consolidation is imperative to mitigate the many risks associated with cyber threats.
Mitigating these incidents demands a proactive approach to addressing the threats posed by cybercriminals. This ‘Prevention first’ strategy should incorporate the 3Cs of cybersecurity best practice, which outline that security architecture must be Comprehensive, Consolidated and Collaborative. This is to ensure that all attack vectors are secured, to make sure that sophisticated cyber threats cannot bypass conventional defences and to guarantee that all measures put in place are geared to work together and offer a collaborative response if/when an incident occurs.