Infrastructure

ITAC has been hacked

Moneyweb reports that ITAC has since upgraded its firewall and antivirus measures and reported the security breach to the relevant authorities for further investigation.

Ayabonga Cawe, ITAC’s chief commissioner and information officer, says the delay in alerting stakeholders was due to the need to investigate the security compromise and restore the integrity of its systems.

ITAC says it considered it “vital” not to pre-empt the investigations that were initiated once its information technology team became aware of the security compromise.

“If you have engaged with ITAC recently, treat any communications you may receive from anyone purporting to be from ITAC with extra vigilance and caution,” Cawe said in a statement. 

Trade lawyers who regularly engage with ITAC have since established that the perpetrator has not downloaded the personal information, reducing the risk somewhat.

All applications for trade remedies by local companies and responses from importers and exporters are submitted in confidential and non-confidential format. This means that confidential data, such as financial statements and management accounts, are kept on ITAC servers. 

Companies ideally want to keep this information confidential, says Francois Dubbelman, founder of FC Dubbelman & Associates. 

Donald MacKay, founder of XA Global Trade Advisors, says they were unaware of the cyberattack but expressed concern about their clients’ information potentially being compromised.  

ITAC said the attackers encrypted ITAC’s data files, and users were locked out of its systems. The “malicious actors” demanded a ransom payment in exchange for restoring access or decrypting the files.

“The type of information held on ITAC’s servers include personal information relating to ITAC’s employees, service providers, importers, exporters and other stakeholders.”

When the information technology team became aware of the breach, the affected servers were immediately shut down and backups were restored.  ITAC has also appointed a forensic service provider to conduct “vulnerability and penetration testing” to determine and close the gaps in its systems.

“We assure you that we have taken all the reasonable steps to contain the security compromise and to reduce the likelihood of similar incidents occurring in the future,” ITAC said.

Moneyweb said it had earlier reported on the high risk of cyber attacks on government departments and entities due to years of underinvestment in security systems, outdated technology, and incompetent IT security staff.