The highly publicised infiltration of the South African Police Service’s back-end infrastructure has cast a strong spotlight on the efficacy of governmental IT systems.
During this attack, motivated by a desire for revenge for the Marikana shootings of September 2012, a group of anonymous hackers gained access to an SAPS online database, extracting and ultimately publishing the names of 16 000 whistleblowers and state witnesses.
This unfortunate event has not only put thousands of lives at risk; it has also raised a serious question relating to the safety and security of sensitive state information.
Research indicates that the majority of malicious technical attacks are carried out after an employee has unknowingly shared login particulars via a phishing web page or a similar mechanism. Although these mechanisms are easily sidestepped, government employees require a level of education to identify them.
It is highly likely that these malevolent intruders gained access to the first level of SAPS security systems after receiving permission data from an internal resource. In response, it is vitally important that all state employees are equipped with the necessary knowledge to recognise and avoid these digital snares.
The probability that this sensitive information was stored and guarded by a third-party IT vendor is also extremely high. When positioning information in the cloud, government agencies must impose a comprehensive vetting process to ensure that the security and control of this data are not compromised.
This process requires a close understanding of where the information will ultimately be stored, a reputational analysis of the provider in question and a study into the certifications it holds.
As a recognised cloud vendor, Mimecast puts great emphasis on the importance of international security standards. In March 2013, the group earned an ISO 27001 certification – a globally recognised achievement that speaks volumes about its ability to safeguard sensitive information.
Ultimately, it is the responsibility of both the SAPS and government to offer an explanation for the intrusion and the key lessons learned as a result.
Going forward, it is vital that state-owned entities and institutions seek to gain a better understanding of how and where critical information is being stored. A fragmented, disparate repository system is not only subject to malicious attacks but also cannot be effectively utilised at a national level.
Instead, government should focus on consolidating data systems into a single highly secure storehouse that can better serve the nation whilst concurrently preventing data leakage.
Mimecast South Africa