Itac recovered from cyberattack with no major customer breach: commissioner

28 August 2024 - 14:35
subscribe Just R20 for the first month. Support independent journalism by subscribing to our digital news package.
Subscribe now
Itac commissioner Ayabonga Cawe at their offices in Pretoria. File image
Itac commissioner Ayabonga Cawe at their offices in Pretoria. File image
Image: Alaister Russell

International Trade Administration Commission (Itac) commissioner Ayabonga Cawe told parliament the cybersecurity compromise the trade body suffered last year, announced in April, did not result in mass infiltration of customer data.

Briefing the portfolio committee on trade, industry and competition in Cape Town on Wednesday, Cawe said while many criticised Itac for only announcing the attack months after it occurred, Itac had acted promptly and appropriately.

“Our IT environment operates certain of our organisational processes in a manual way and some of them are a sort of technical platform. Those are backed up with on-site server infrastructure. That server infrastructure is what, towards the end of last year as we have now come to understand, was breached and it was what is called a ransomware attack.”

I think there had been an anticipation that we would want to pay a ransom, but we have not done so.
Ayabonga Cawe

Ransomware is malicious software designed to block a user’s access to an information system until money is paid to allow access again.

When Itac management became aware of the attack they decided they would not pay a ransom to the malefactors. Itac contacted the police about the attack before commissioning a forensic probe into the incident.

“What was assuring for us arising from that probe was there had not been any mass exfiltration of consumer data. It had been a typical play of smash and not-necessarily grab. I think there had been an anticipation that we would want to pay a ransom, but we have not done so and in principle we would never do so.”

The breach happened as Itac was upgrading its server infrastructure. He said having several other activities in the ICT environment hamstrung Itac’s room for capital expenditure.

Such breaches have become common for extortionist or political reasons. He said across the government, more needed to be done to improve safeguards against such malefactors.

Police have not provided any updates on whether those responsible have been found, identified or arrested.

“In relation to whether people have been caught or prosecuted, we can follow up with the SAPS. We, at last follow-up, had not received any word on where that is, but in terms of recovering our environment, we are fully recovered, such that we have even had to replace some of the service infrastructure.”

He said there was nothing to suggest the threat remains dormant in Itac’s ICT environment.

Business Times


subscribe Just R20 for the first month. Support independent journalism by subscribing to our digital news package.
Subscribe now

Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.