By Tehillah Niselow for Fin24 

Liberty Holdings customers received SMSs on Saturday alerting them that personal information related to their insurance policies could have been stolen by an external party.

The Information Regulator, which has asked for information about the Liberty breach, is clearly concerned about the increasing number of cyber attacks affecting personal data in South Africa.

“Without a fully functional Information Regulator, these breaches will continue to occur without sanctions provided for in the Protection of Personal Information Act (POPIA),” said chairperson Advocate Pansy Tlakula.

Tlakula urged “the powers that be to assist it in fast tracking its operationalisation”.

According to corporate law firm Michalsons, certain limited sections of POPIA have already been implemented. However, the bulk of the legislation will only commence at a later date, to be proclaimed by the president. As there is a one-year grace period, the POPIA deadline might only be set for the end of 2019 or in 2020.

In the meantime, South Africans are coming under heightened attack from cyber criminals and hackers.

Andrew Chester, MD of Ukuvuma Security, told Fin24 that affected clients or users should immediately alert their banks and cellphone provider. They should also undertake a credit check as well as a Google search to determine whether their personal information is in the public domain.

Liberty email hack

In SMSs to clients on Saturday, financial services company Liberty informed them that its email repository had been breached by a third party trying to demand a “ransom” in exchange for the data.

Liberty has not revealed much about the breach, citing a police investigation. CEO David Munro confirmed that Liberty’s insurance clients were the only ones affected, and that none of its other business had been compromised.

The company said none of its clients have been impacted financially, and that individuals will be personally advised if their information has been affected.

ViewFines licence details

In May the Hawks, the State Security Agency and the Information Regulator said they would probe the breach of personal records of 943 000 South African drivers, allegedly from online traffic fine website ViewFines.

The information reportedly contained the names, identity numbers and email addresses of South African drivers stored on the ViewFines website in plaintext.

The ViewFines website is owned by Aggregated Payment Systems. News24 reported that its operations manager confirmed the company was “implementing security measures immediately” to improve the website after being informed of the breach.

The source of the data was located by Troy Hunt, an Australian security researcher and creator of the free service Have I Been Pwned, which checks whether an individual’s information has been compromised.

Facebook scandal

While Facebook founder and CEO Mark Zuckerberg had to face angry lawmakers in the US and European Union, it was reported that the data breach involving the UK political consultancy affected almost 60 000 South African users.

In May, the Information Commissioner’s Office of the United Kingdom (which regulates Facebook outside the US and Canada) advised the Information Regulator of South Africa that over 87 million people had been affected worldwide.

However, no evidence could be found of South Africans having been targeted, as the majority of users involved were in the US.

Master Deed’s data breach “biggest” digital security threat in SA

Hunt was once again instrumental in revealing what was known as the “biggest” data breach in South African history, together with iAfrikan CEO Tefo Mohapi in October 2017.

Over 60 million South Africans’ personal data, from ID numbers to company directorships, was believed to have been affected.

The information was traced to Jigsaw Holdings, a holding company for several real estate firms including Realty1, ERA and Aida. The information reportedly came from credit bureau agencies, and was used to vet potential clients.

The information trove was found not to have been hacked, as it was stored in an easily accessible manner on an open web server.

Ster-Kinekor’s database compromised

Movie theatre chain Ster-Kinekor was responsible for up to 7 million South Africans falling victim to a data leak in March 2017.

Fin24 reported that Durban developer Matt Cavanagh announced he had discovered a flaw in Ster-Kinekor’s booking website, and that he had reported it to the company.

There were between 6 and 7 million users in the database. Of those, 1.6 million people had email addresses linked to them on the movie theatre chain’s database.

Liberty Life hacked, user data exposed

Financial services group Liberty Life sent out an SMS to their clients on Saturday evening informing them of a major security breach.

Liberty launched an investigation after its systems were hacked, and said the hackers alerted the company to potential vulnerabilities in its systems and were now demanding compensation.

The Sunday Times reported that the hackers obtained sensitive information about some top clients and have demanded payment of millions of rand not to release the data.

Liberty has communicated with its customers regularly, advising them to change passwords as applicable.

Liberty Life hack could be ‘an inside job’: expert

A security expert has questioned how hackers gained access to Liberty Life clients’ information, suggesting it could have been an inside job.

The financial services provider confirmed on Saturday that its information technology system was hacked last week by people who demanded payment. It has since regained control of the system.

“It most likely happened in one of two ways: it was either an inside job or someone with the correct privileges was hacked, which means that they could have used that person’s permissions to get into the system,” said managing director of Ukuvuma Cyber Security, Andrew Chester.

He said the hack could have been avoided by applying general data security practices such as encrypting sensitive data, segregating it from vulnerable systems, and building in rigorous access control and monitoring systems.

“Why did Liberty have unstructured email data and attachments that were left unmonitored and more importantly, why was this sensitive data not encrypted? When doing threat-hunting or a security analysis for any company, the first thing one looks for is how easy it is to extract data without being detected.

“Additionally, how did the hackers know where to find the data? If it was an inside job they might have been tipped off, but if it wasn’t, it means that they spent enough time on the infrastructure to know where to look, which is very alarming,” he said.

Chester said it was also concerning that no-one detected the breach until the hackers themselves informed the company.

“There’s a common saying that you sometimes don’t know you’ve been hacked until law enforcement comes knocking at your door, but in this case, Liberty only found out once the criminals had contacted them,” he said.

The company said its investigation into the breach was at an “advanced stage”.

Source: eNCA 

By Vicky Sidler for MyBroadband / Nick Saunders at Mimecast

When I say the word “bat”, what image comes to mind? A flying mammal? A cricket bat?

In English, they call this a “homograph”: when two or more words are spelled the same but don’t have the same meanings or origins.

In cyber-security, a homograph is a lot more sinister. It’s a term given to a type of impersonation attack where an email address or website URL looks legitimate but isn’t. It’s designed to trick people into clicking on malicious links or to fool them into transferring money or sharing sensitive information.

Recent research by Vanson Bourne and Mimecast found that more than 85% of respondents had seen impersonation fraud in the past 12 months, and 40% had seen an increase in this type of attack in the same period. In South Africa, 36% of respondents had seen an increase in impersonation fraud asking to make wire transactions, and 37% had seen an increase in impersonation fraud asking for confidential data.

Despite this growth, many organisations do not have a cyber resilience strategy in place to help them detect, prevent and recover from these types of attacks.

Easy to execute, hard to detect
Homograph attacks are difficult to detect – by both the user and regular email security systems.

To create these lookalike domains, attackers use non-Western character sets or special characters found in Greek, Cyrillic and Chinese, to display letters which, to the naked eye, look identical to the western alphabet. Mimecast.com, for example, looks like мімесаѕт.com in Cyrillic. According to one domain name checker, there are 117 possible Mimecast domains that can be misrepresented with just one character from a non-English alphabet.

These subtle changes are likely to go unnoticed by users. In South Africa, 31% of respondents were not confident that employees could spot and defend against impersonation attacks, which easily and often slip through an organisation’s security systems.

Some 21% of South African respondents were not confident that their organisation’s security defences could defend against impersonation fraud asking for confidential information, rising to 25% for fraud asking to make wire transactions – in line with global trends.

This is because the emails themselves don’t contain malware and the URLs often have legitimate (read: stolen) security certificates.

Is it me you’re looking for?
Website URLs aren’t the only avenues for impersonation attacks; email address impersonation is also on the rise.

These types of attacks are designed to trick users such as finance managers, executive assistants and HR representatives into transferring money or disclosing information that can be monetised by cybercriminals. The email appears to come from someone they trust – a C-suite executive or a third-party supplier that they regularly do business with – so they wouldn’t think twice about responding to it.

South Africans reported that, in the past 12 months, cybercriminals have attempted to impersonate finance teams (24%), third-party vendors (20%), a member of the C-suite (7%), as well as HR, sales, operations, legal and marketing team members (between 5% and 8%).

Again, these emails do not contain malware, which means they can go undetected by most email security systems. Social engineering attacks such as these rely on our inability to spot anomalies in URLs and email addresses – and the fact that we believe we’re communicating with someone we know.

Know what to do
Cybercriminals have figured out that they can bypass security systems by switching from malware-laden attacks to malware-less impersonation attacks. Now, social engineering meets technical means to put us in the middle of the next evolution of cyber-attacks.

Here are some measures organisations can implement to guard against these types of attacks:

  1. Education – when users know how social engineering and spoofing attacks work and then understand they shouldn’t click on links in emails, breach incidents can be drastically reduced. Users should be encouraged to physically type an address into a browser rather than click on a link in an email, even if it was supposedly sent by someone they know and trust. Education and awareness will always be the most important defence mechanisms.
  2. Protection – email security systems are getting better at stopping malware which enters the network through dodgy files and attachments, but few are effective against impersonation attacks. Organisations need a solution that can deep-scan all inbound emails and inspect for header anomalies, domain similarity, sender spoofing and the existence of keywords and suspicious impersonation emails. These can then be blocked, quarantined, or delivered as flagged to alert the receiver of potential risk.
  3. Resilience – having the right threat protection in place is just one part of a robust cyber resilience strategy. Organisations also need to be able to adapt their strategies to stay ahead of attacks, while having the durability to continue with business as usual in the event of an attack, and the recoverability to ensure data and emails are always accessible.
  4. Oversight – often, lax security on a third-party supplier’s side provides an entry point into an organisation’s network. Enterprises should continuously evaluate and manage the security and privacy policies of their suppliers and include security in their service level agreements. They should also perform on-site security assessments with new suppliers before sharing sensitive information.
  5. Visibility – organisations need to know who their vendors are and who has access to company information, and for what reasons. This is even more important now that the EU’s General Data Protection Regulation has come into force and will affect all South African organisations when the Protection of Personal Information Act is finalised.
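The lookalike-domain technique described under “Easy to execute, hard to detect” and the “domain similarity” inspection listed under Protection can be sketched as follows. This is an added example, not code from the article or from Mimecast; the confusables table is a small constructed subset, and the function names and sample domains are assumptions.

```python
import unicodedata

# Constructed, deliberately small lookalike table (non-Latin -> Latin).
# It covers the article's Mimecast example; a production check would load
# the full Unicode confusables data instead of this subset.
CONFUSABLES = {
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0441": "c",  # CYRILLIC SMALL LETTER ES
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u0456": "i",  # CYRILLIC SMALL LETTER BYELORUSSIAN-UKRAINIAN I
    "\u043c": "m",  # CYRILLIC SMALL LETTER EM
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0440": "p",  # CYRILLIC SMALL LETTER ER
    "\u0455": "s",  # CYRILLIC SMALL LETTER DZE
    "\u0442": "t",  # CYRILLIC SMALL LETTER TE
    "\u03b1": "a",  # GREEK SMALL LETTER ALPHA
    "\u03bf": "o",  # GREEK SMALL LETTER OMICRON
}

PROTECTED = {"mimecast.com"}  # domains the organisation wants to defend

# Constructed sample sender domains.
FULL_CYRILLIC = "\u043c\u0456\u043c\u0435\u0441\u0430\u0455\u0442.com"  # every letter Cyrillic
MIXED_SCRIPT = "mimec\u0430st.com"                                      # one Cyrillic letter


def to_unicode(domain):
    """Decode punycode ("xn--") labels so the check sees the real characters."""
    labels = []
    for label in domain.lower().rstrip(".").split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except (UnicodeError, ValueError):
                pass  # undecodable: keep the raw label, it will simply not match
        labels.append(label)
    return ".".join(labels)


def scripts(label):
    """Return the set of scripts used in one label, e.g. {"LATIN", "CYRILLIC"}."""
    found = set()
    for ch in label:
        if ch.isascii() and (ch.isdigit() or ch == "-"):
            continue  # digits and hyphen are script-neutral
        found.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return found


def skeleton(domain):
    """Fold lookalike characters to the Latin letters they imitate."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in domain)


def check_domain(domain, protected):
    """Return a list of findings; an empty list means nothing suspicious."""
    uni = to_unicode(domain)
    if uni in protected:
        return []  # exact match of a domain we own
    findings = []
    if any(len(scripts(label)) > 1 for label in uni.split(".")):
        findings.append("mixed-script")
    folded = skeleton(uni)
    if folded in protected:
        findings.append("lookalike:" + folded)
    return findings


if __name__ == "__main__":
    for sample in ("mimecast.com", FULL_CYRILLIC, MIXED_SCRIPT, "example.org"):
        print(sample, check_domain(sample, PROTECTED))
```

The all-Cyrillic spelling passes a mixed-script test on its own, which is why the skeleton comparison against the protected list is needed as well.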

Thirty-seven percent of South African organisations have suffered data loss because of email-based impersonation attacks in the past 12 months. These organisations also reported reputational damage (34%), loss of customers (29%), direct financial loss (17%) and lost market position (19%).

Email continues to be the number one threat to organisations globally and accounts for 96% of all incidents that organisations face.

Clearly, there is an urgent need to work towards a higher standard of email security. Cyber-criminals have evolved their attack methods. It’s time the security strategies organisations use to protect their users and their businesses evolve as well.

By Harry Pettit for MailOnline 

An ‘embarrassing’ leak shows the European Union has fallen short of its own data protection laws.

The European Commission’s website has published 700 records, including the names, addresses and mobile numbers of conference attendees, according to a report.

Officials in Brussels admitted the authority that designed the rules is not itself compliant with the General Data Protection Regulation (GDPR).

The Commission has previously warned that those who breach these rules, which came into force last week, could face millions in fines.

Following the leak, a spokesperson said the authority was exempt from GDPR laws for ‘legal reasons’.

Officials in Brussels will follow a similar set of new laws that ‘mirror’ those laid out in GDPR.

These rules will not enter force until autumn, according to the Telegraph.

The spokesperson added that the Commission is ‘taking and will continue to take all the necessary steps to comply’.

GDPR aims to strengthen and unify data protection for all individuals within the EU, which means cracking down on how companies use and sell user data.

Under GDPR, companies are required to report data breaches within 72 hours, as well as allow customers to export their data and delete it.

Companies scrambled to comply with the rules before they were ratified on May 25 with the Commission threatening hefty fines for those who breached them.

The bureaucracy’s website exposed 700 records that include people’s names, professions, and even some postcodes and addresses.

The records, some of which featured the private information of Britons, were collected during EU meetings and conferences and stored on data spreadsheets.

Tech website Indivigital found the documents are among thousands hosted by the website Europa.eu that are freely accessible online.

Many of them could be found by simply searching for the document on Google.

This leak would constitute a breach of GDPR rules were the blunder committed by other organisations or businesses.

What is GDPR?

The General Data Protection Regulation is an EU-wide law that came into force on May 25 2018.

It gives greater power to regulators to penalise companies who mishandle personal data or are not transparent about how their business uses it.

For consumers, it brings new powers that require firms to obtain clear consent from users before processing their data.

It also grants users a right to easily access the data collected from them and transparency on how it is being used.

Everyday users have to do very little to comply with GDPR – it’s more targeted at big online businesses.

Under the new rules, any company that controls or processes the data of EU citizens must adhere to the GDPR guidelines.

This ends the territorial-based accountability previously used by some firms not based in the EU to avoid sanction.

The law also states that notification of a data breach must occur within 72 hours of being first discovered, increasing transparency around leaks.

The weight of fines able to be issued has also increased under GDPR.

Regulators will be able to issue penalties equivalent to up to four per cent of annual global turnover or 20 million euro (£17.5 million) – whichever is greater.

For tech giants such as Google and Facebook, this could mean the risk of fines running into the hundreds of millions.

Fines for such a breach can reach up to £17.5 million ($23 million) or four per cent of global turnover – whichever is largest.

Jon Baines, a data protection expert at law firm Mishcon de Reya, described the ‘irony’ of the EU’s admission.

‘Although the information disclosed here does not appear to be particularly sensitive, it does raise questions about the general level of compliance, and whether any further inadvertent disclosures have been made,’ he told the Telegraph.

Steve Gailey, security expert at database security firm Exabeam, added that the exposure ‘is embarrassing for the EU, coming hot on the heels of GDPR’.

By Adiel Ismail for Fin24 

Goliath and Goliath CEO Kate Goliath is encouraging small businesses to ramp up security measures after her comedy and entertainment agency fell victim to invoice intercepting as a result of e-mail hacking.

Goliath and Goliath is out of pocket to the tune of more than R300 000, while its subsidiary The PR Bailiff has been scammed out of R20 000.

The hackers gained access to the company’s emails and requested clients to make payments to a different bank account.

Goliath told Fin24 that small businesses shouldn’t just rely on tech companies to educate them about cybercrime. “Find out as much information about how hackers get into the systems so that you are aware of what service providers need to offer,” she said.

“Be vigilant. Protect your business and insure the technical side of your business as well.”

The company opened a case with the police and is in the process of sending a subpoena to the bank where the funds have been deposited.

Afrihost said it will work with the police to further investigate the incident. “We strongly believe this was a case of phishing,” a representative told Fin24.

Entertainment and media high risk for cybercrime

“We have noticed that some banks are posting warnings before a client makes a payment to verify that the bank details they’re using are correct. We assume that this is because of an increase in these types of phishing attacks.”

Cyber incidents rank top in the entertainment and media, financial services, technology and telecommunications industries, according to the Allianz Risk Barometer 2018.

The report revealed that cyber incidents remain a top threat with 38% of responses for South African businesses, which are reported to lose billions of rands a year to cyber attacks.

The three Goliaths – Jason, Donovan and Nicholas – do stand-up comedy and entertain at workshops, conferences, award ceremonies and events.

Craig Rosewarne, Managing Director at Wolfpack Information Risk, which is a threat intelligence firm that specialises in understanding and predicting cyber threats, said small and medium businesses are just as vulnerable as big businesses when it comes to hacking.

“Their challenge however is that security is often the last thought until they get stung and end up either losing a substantial amount of money or leaking their customer’s sensitive data,” he told Fin24.

Wolfpack has assisted many small and medium-sized businesses whose invoices have been hacked, said Rosewarne. In this regard it has found three common causes:

1. Attackers will perform reconnaissance on key individuals in IT / Finance / Execs and send a targeted spear phishing email to target their machines for access or further information

2. Spyware that records keystrokes and takes screenshots for the attacker is loaded on their devices

3. Compromising their online hosting / email platform and adding in rules for any email that has the word “invoice” or “payment” – to send a duplicate email to the attacker’s Gmail or “burner” account.
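The third cause, a mailbox rule that silently copies “invoice” or “payment” mail to an outside account, is something defenders can audit for. The following is an added example, not code from the article or from Wolfpack; the rule export format, its field names, the `corp.example` domain and the scoring are all constructed assumptions.

```python
# Audit exported mailbox rules for the invoice-interception pattern:
# a forwarding rule that sends matching mail outside the organisation.

ORG_DOMAINS = {"corp.example"}                                # assumption: our own mail domains
FREEMAIL_DOMAINS = {"gmail.com", "yahoo.com", "outlook.com"}  # constructed short list
FINANCE_KEYWORDS = ("invoice", "payment")                     # the words named in the article
FORWARDING_ACTIONS = {"forward", "forward_copy", "redirect"}

# Constructed sample export; field names are hypothetical, not a real product's schema.
RULES = [
    {"mailbox": "accounts@corp.example", "name": "Newsletters",
     "contains": ["newsletter"], "action": "move", "target": "Newsletters"},
    {"mailbox": "accounts@corp.example", "name": ".",
     "contains": ["Invoice", "payment"], "action": "forward_copy",
     "target": "billing.dept.7731@gmail.com"},
    {"mailbox": "ceo@corp.example", "name": "Copy to assistant",
     "contains": [], "action": "forward_copy", "target": "pa@corp.example"},
    {"mailbox": "sales@corp.example", "name": "Partner leads",
     "contains": [], "action": "redirect", "target": "leads@partner.example"},
]


def target_domain(address):
    """Return the lower-cased domain part of an e-mail address."""
    return address.rsplit("@", 1)[-1].strip().lower()


def score_rule(rule):
    """Score one rule: 0 = not of interest, 3 = matches the full pattern."""
    if rule["action"] not in FORWARDING_ACTIONS:
        return 0, []
    domain = target_domain(rule["target"])
    if domain in ORG_DOMAINS:
        return 0, []  # internal forwarding is out of scope for this check
    score, reasons = 1, ["sends mail to external domain " + domain]
    conditions = " ".join(rule["contains"]).lower()
    hits = [word for word in FINANCE_KEYWORDS if word in conditions]
    if hits:
        score += 1
        reasons.append("triggers on finance keywords: " + ", ".join(hits))
    if domain in FREEMAIL_DOMAINS:
        score += 1
        reasons.append("target is a free webmail account")
    return score, reasons


def audit(rules):
    """Return findings for every rule with a non-zero score, highest first."""
    findings = []
    for rule in rules:
        score, reasons = score_rule(rule)
        if score:
            findings.append({"mailbox": rule["mailbox"], "rule": rule["name"],
                             "score": score, "reasons": reasons})
    return sorted(findings, key=lambda f: f["score"], reverse=True)


if __name__ == "__main__":
    for finding in audit(RULES):
        print(finding["score"], finding["mailbox"], repr(finding["rule"]),
              "; ".join(finding["reasons"]))
```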

Tips for companies

Rosewarne suggested that companies under attack should conduct an independent risk assessment and obtain guidance on how to mitigate risk.

“Employees should also be made aware of risks and this should be backed up with an information security policy signed by staff and contractors.”

He also stressed the importance of having up to date anti-malware software on all devices that process sensitive information.

Cyber risk is fast becoming the number one risk facing countries, governments and organisations, noted Rosewarne.

“In all of these scenarios it often boils down to an individual that gets compromised so cyber awareness is key in both your business and personal lives.”

Six property scams to avoid

A recent article by Business Tech highlights the leading property scams to avoid.

Engel & Völkers singled out the most predominant property scams you may encounter while searching to buy or rent property:

1. Intercepted emails

This involves scammers hacking into the email of people involved in the transaction, such as agents or lawyers, and tricking home buyers into wiring funds to them instead of the appropriate parties. They will often use a generic email address, indicating that the funds should be wired to a specific account, which will then vanish without a paper trail.

2. Fraudsters posing as a buyer

They will approach a seller privately, show keen interest in the property and put in an offer. After a few days, the supposed buyer will contact the seller asking for a document to be signed to help them get their home loan approved. The seller signs without reading too much of the document, only to discover later that a third party claims to have bought the home.
It will be found that the scam artist (the first buyer) has been marketing the home online as an agent, by taking the photos off various websites, and has found a buyer who is also unaware that something is wrong – and who might have paid a large deposit over to the supposed agent.

3. Identity theft

Criminals have become much more experienced and are using stolen identity details not only to empty bank accounts but to obtain various credit accounts and even home loans. They are able to delay detection of the fraud for long periods while the unpaid bills and instalments mount up.

The scammer will use false documents to pose as the property owner, register forged documents transferring a property to their name, and then get a new mortgage against the property. After securing a mortgage or line of credit, the criminal takes the cash and disappears.

4. Bait and switch scheme

This occurs when a prospective buyer offers an ‘above market value’ price to a seller. The seller, impressed by the high offer, signs the contract; meanwhile, the deceitful buyer has no intention of purchasing the property.

Once the seller signs the contract, the seller may only sell to that buyer for a specified time. When that time ends, the fraudster asks to extend the contract by a few weeks to work out closing details. As this sounds reasonable, the seller, blinded by the high offer, agrees to the extension.

In the meantime, the seller keeps paying taxes, maintenance, utilities and insurance. The buyer then comes back to the seller with an excuse as to why this price no longer works, requests a reduction to below market value, and threatens to cancel if their demand is not met. Stressed by time and ongoing costs, the seller agrees to the reduction.

5. Duplicated listings

“Agents” copy legitimate rental listings and advertise for a much cheaper price. Unfortunately, many people fall for these fake listings and wire money to the owners of these fake listings.

6. Fake rental agents

When you find a property you really like, you call the agent to arrange a viewing and they say they will meet you there. Later they call and say they won’t be able to make it anymore, but there is no need to worry: the landlord will be there to show you around. The agent then promises to negotiate a lower price with the landlord.

When you arrive at the house you find many other people interested in renting the same place. You call the agent back to negotiate a better price that you’re happy with; they say they will phone you back shortly to inform you of the new price, and that all you have to do is transfer the money for the first two months to secure the place.

On moving day, you find someone else is moving in and the agent wasn’t an agent; they just found the property online and reposted it with their own contact information. They purposely send several people at a time to view the property to generate a sense of urgency for the potential renters.

Avoid becoming a victim

  • Be wary when you are requested to make a payment for something minor like a credit check or security deposit. In most cases, there’s nothing you can do to get your money back because the scammer can’t be tracked.
  • If the price looks too good to be true, it probably is. Prices are considerably higher than they were a few years ago.
  • The email sounds strange – some listings hide the email address when you send a message, so you might not be able to see the address if you respond to the listing. Scammers usually use free email servers and they’ll often go by a series of random letters to make them less easily traceable.
  • The agent won’t show you the property – if you ask to see the property and they claim it’s impossible, it’s probably a fake listing. Agents will make time for people who are interested in the property.
  • The seller pushes you – the faster a scammer gets you to agree to a business deal, the faster they can steal your money and avoid getting caught. The seller will often use high-pressure tactics that attempt to push you into acting quickly in order to purchase the home. Don’t be prodded by any seller to send money.
  • The seller asks you to wire money – when you see the term “wire money” or similar variation of that phrase come up in a business conversation with someone you’ve never met, red flags should go up. Many scams entail wiring of funds because it’s more difficult to trace and enables the scammer to collect the money sooner. Scammers will come up with a variety of plausible reasons why the money should be wired rather than sent through a bank or lawyer.
  • The buyer or seller is foreign and wants to buy a home unseen – most people want to at least see a property and become familiar with the area before making a large investment. This doesn’t mean you should be wary of all foreign inquiries, but many scams often occur overseas because it’s harder to trace the person behind the fraud. Foreign buyers who don’t ask questions, act in haste, and don’t care to see the property indicate a high likelihood of fraud.
  • Be well informed about market related prices within the area you are looking to rent or buy. If a property is advertised way below the market related price for that area it should raise your concerns.
  • If you found a “bargain” online you should call the estate agency to find out if the deal is for real. Don’t call the number at the bottom of the ad because this number could lead to a fake office. Rather find the actual office number, call there and ask the receptionist to give you the number of the specific agent or branch you are looking for.
  • Be wary of agents and landlords who seem too eager or pushy to get you to live in their property or one they are marketing. A legit agent or landlord will always conduct the necessary checks and will not be too disappointed when you don’t show much interest in the property.
  • If the agent is constantly making up excuses as to why they are not able to meet you or show you the property, you should also be worried. The chances are good that they don’t have access to the property and are stalling for time until they can think of a clever way to get you to pay the deposit.
  • Never pay a deposit before you have viewed a property.

Source: Business Tech

By Eric Limer for Popular Mechanics 

Twitter is suggesting all users change their passwords as a precaution after a reported glitch caused some passwords to be stored in plain text. If you’ve ever used your Twitter password for another service, you’d be wise to change it in both places.

Twitter says there is no evidence of a breach, but the error would have allowed any snoopers inside the system to scoop up unprotected passwords with ease. Typically, passwords are “hashed” before they are stored, a process which transforms the password into a unique series of numbers and letters that can’t be translated back into the actual sequence of numbers and letters you type in. This prevents hackers from snagging a phrase they can try on your other accounts.

Even with no evidence of an actual breach, this bug serves as a good reminder for some basic security hygiene. Use unique passwords for every service you use; a password manager can help you keep track of them all. Turn on two-factor authentication where available (it is available on Twitter). And while you’re at it, go look at the apps that have access to your account. These apps, if they’re insecure themselves, can offer hackers a limited way into your account without ever having to figure out your password.

Source: EWN 

Nearly 60 000 South African users have allegedly been impacted by the Facebook/Cambridge Analytica data breach.

The breach, which affects more than 87 million Facebook users, came after some 270,000 people allowed a researcher to use their data.

In 2013, a Cambridge University researcher named Aleksandr Kogan created a personality quiz app. Through the app, Kogan scraped the data of all their friends as well, a move allowed by Facebook until 2015.

The researcher then sold the data to Cambridge Analytica, which was against Facebook rules.

A Facebook spokesperson says 33 users in South Africa downloaded the quiz app and the 59,777 were friends of those who would have installed the app elsewhere in the world.

Facebook CEO Mark Zuckerberg says there was a breach of trust between Kogan, Cambridge Analytica and Facebook.

“But it was also a breach of trust between Facebook and the people who share their data with us and expect us to protect it. We need to fix that.”

Zuckerberg says Facebook has a number of plans to prevent something like this happening again.

“First, we will investigate all apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014, and we will conduct a full audit of any app with suspicious activity. We will ban any developer from our platform that does not agree to a thorough audit. And if we find developers that misused personally identifiable information, we will ban them and tell everyone affected by those apps. That includes people whose data Kogan misused here as well.”

By Sipho Masondo for City Press

Fears are mounting that up to 15 municipalities across the country could collapse because they are not likely to recover their R1.5bn investments at VBS Mutual Bank.

Their exposure to VBS was “too large compared to their operating revenue”, according to a Treasury document sent to the affected municipalities last week.

The SA Reserve Bank (Sarb) placed VBS under administration in March, following a liquidity crisis. VBS’s main source of cash was illegal short-term municipal deposits which it used to fund long-term loans to clients.

Senior Treasury officials fear that some of the municipalities – based in Limpopo, North West, Gauteng and Mpumalanga – could collapse. This would force their provincial governments to place them under administration.

The Treasury report reveals that the 15 councils are unlikely to recover their R1.5bn total investment.

“The payout to municipalities is highly uncertain,” the document reads. Its authors point out that Sarb is likely to prioritise retail depositors and not bail municipalities out.

“In line with the mandate of protecting the most vulnerable, the restructuring will focus on the depositors. At this stage, the ordinary depositors will get back almost all their deposits,” reads the document.

Sarb has already approved a restructuring that would benefit rural retail depositors, funeral insurance collectives, stokvels “and other vulnerable groups”.

“There may be little left for municipalities, which deposited illegally. It is a general principle that no bailouts are provided to municipalities,” the Treasury document says.

A senior Treasury executive said there were concerns that because of their “reckless investments” at VBS, some of the municipalities may no longer be financially viable.

“Some of their finances are in tatters, and they may need to be placed under administration,” the executive said.

Salaries in jeopardy

The official cited the example of Giyani, which invested R158m of its R302m operating revenue in VBS.

“How does a municipality without half of its operating revenue survive?” the official said.

The newly established Lim 345 Municipality, in the Thohoyandou area, had invested R122m of its R344m operating revenue in VBS. Greater Tubatse in Sekhukhune had put R210m, or 38%, of its R548m operating revenue in the bank.

Another Treasury executive said this money was part of municipalities’ annual budgets and not extra money that the councils could function without.

“Unfortunately, they have lost all that money and it is only a matter of time before you hear that some of them are not able to pay salaries. I’ve heard that one of them nearly didn’t pay salaries in November last year,” he said.

An executive member of the SA Local Government Association said it was “almost a foregone conclusion that some of these municipalities will crash”.

“We are losing sleep over the issue. The money was strictly for operational issues, not reckless investments,” said the official.

Fictitious deposits, untraceable lending

The Treasury report reveals that about R900m is missing at VBS.

“This money appears to have disappeared due to fictitious deposits and untraced lending. There is evidence of large, unrecoverable loans to directors and related parties. There is some evidence that VBS paid a lawyer a ‘commission’ when municipalities deposited money with the bank. It is not, at this stage, evident if this commission was passed on to municipal managers.”

The report says the bank’s business model was “ill-fated and doomed to fail”.

“VBS made long-term loans, knowing that their primary funding was short-term in nature and lumpy. Hence the business model is almost certainly designed to generate liquidity problems when a few municipalities withdraw their funds to spend on budgeted programmes,” the report reads.

Law was broken

Treasury says VBS actively flouted the law by focusing on municipal deposits, which made up almost 75% of all its deposits. Despite being aware of the restrictions on accepting municipal deposits, the bank continued to accept more. This continued even after it started talking to Treasury about phasing out its past municipal deposits, in order to comply with the Municipal Finance Management Act.

The Mahikeng, Greater Tubatse, Ruth Segomotsi Mompati and Elias Motsoaledi municipalities appear to have been enticed by the high returns the bank promised and disregarded the act.

Curator’s ‘extortionate’ fees

Two VBS senior managers accused the bank’s curator, Anoosh Rooplal, employed by auditing firm SizweNtsalubaGobodo, of charging “exorbitant and extortionate” fees. He sent the bank a bill of R2.6m for three weeks of work.

Sarb appointed Rooplal when it placed VBS under administration in the middle of March.

Rooplal sent the bank his invoice on March 31. The bank paid three days later.

One of the managers said: “If you invoice R2.6m in three weeks, how much will you be paid every month? How much will Anoosh and SizweNtsalubaGobodo be paid by the time the bank is back on its feet? It all looks exorbitant and extortionate.”

Another manager lamented the fact that while depositors could not access their money, the curator was being paid handsomely.

“It simply just doesn’t make any sense to me,” the manager said.

The curator’s spokesperson, Louise Brugman, said Sarb had approved the remuneration and fee structure for the curatorship upfront.

She said that, as per normal governance practice, the curator was required to regularly update Sarb on fees, related activities and the bank’s financial position.

“As further irregularities have been uncovered within the bank, additional experts have been required to assist to restore the bank, all of which is reported and explained to Sarb,” she said.

Make your router hacker-proof

By Sandeep Nair Narayanan, Anupam Joshi and Sudip Mittal for The Conversation 

In late April, the top federal cybersecurity agency, US-CERT, announced that Russian hackers had attacked internet-connected devices throughout the U.S., including network routers in private homes. Most people set their routers up – or had their internet service provider set them up – and haven’t thought much about them since. But the router is the gateway to the internet for every device on your home network, including Wi-Fi connected ones. That makes it a potential target for anyone who wants to attack you, or, more likely, use your internet connection to attack someone else.

As graduate students and faculty doing research in cybersecurity, we know that hackers can take control of many routers, because manufacturers haven’t set them up securely. Router administrative passwords often are preset at the factory to default values that are widely known, like “admin” or “password.” By scanning the internet for older routers and guessing their passwords with specialized software, hackers can take control of routers and other devices. Then they can install malicious programs or modify the existing software running the device.

Once an attacker takes control

There’s a wide range of damage that a hacker can do once your router has been hijacked. Even though most people browse the web using securely encrypted communications, the directions themselves that let one computer connect to another are often not secure. When you want to connect to, say, theconversation.com, your computer sends a request to a domain name server – a sort of internet traffic director – for instructions on how to connect to that website. That request goes to the router, which either responds directly or passes it to another domain name server outside your home. That request, and the response, are not usually encrypted.

A hacker could take advantage of that and intercept your computer’s request, to track the sites you visit. An attacker could also attempt to alter the reply, redirecting your computer to a fake website designed to steal your login information or even gain access to your financial data, online photos, videos, chats and browsing history.

In addition, a hacker can use your router and other internet devices in your home to send out large amounts of nuisance internet traffic as part of what are called distributed denial of service attacks, like the October 2016 attack that affected major internet sites like Quora, Twitter, Netflix and Visa.

Has your router been hacked?

An expert with complex technical tools may be able to discover whether your router has been hacked, but it’s not something a regular person is likely to be able to figure out. Fortunately, you don’t need to know that to kick out unauthorized users and make your network safe.

The first step is to try to connect to your home router. If you bought the router, check the manual for the web address to enter into your browser and the default login and password information. If your internet provider supplied the router, contact their support department to find out what to do.

If you’re not able to log in, then consider resetting your router – though be sure to check with your internet provider to find out any settings you’ll need to configure to reconnect after you reset it. When your reset router restarts, connect to it and set a strong administrative password. The next step US-CERT suggests is to disable older types of internet communications, protocols like telnet, SNMP, TFTP and SMI that are often unencrypted or have other security flaws. Your router’s manual or online instructions should detail how to do that.

After securing your router, it’s important to keep it protected. Hackers are very persistent and are always looking to find more flaws in routers and other systems. Hardware manufacturers know this and regularly issue updates to plug security holes. So you should check regularly and install any updates that come out. Some manufacturers have smartphone apps that can manage their routers, which can make updating easier, or even automate the process.



My Office News Ⓒ 2017 - Designed by A Collective

