How the ANC broke Eskom

Source: MyBroadband

Eskom was once so successful that it was supplying more than half the electricity in Africa.

However, years of corruption, incompetence and political meddling has brought Eskom to its knees, and it is now begging for bailouts to stay afloat.

The company’s growing debt burden, which already exceeds R400-billion and can grow to R600-billion in the next three years, means it is technically bankrupt.

So bad is the situation that former Finance Minister Nhlanhla Nene said Eskom is the single biggest risk to South Africa’s economy.

The image below provides an overview of how Eskom changed over the last 10 years:

Image credit: MyBroadband

Source: IT News Africa

As South Africa’s business sector continues to expand across a myriad of digital platforms, cybercrime continues to threaten this burgeoning digital sphere. “There are many victims of cybercrime, with limited recourse available in terms of current South African law. The need for tighter and more effective legislation is pressing,” says Grant Christianson, e4’s Group Legal Advisor.

The end of October 2018 hopefully saw the legislative cycle for the Cybercrimes Bill nearing completion, as the Department of Justice and Constitutional Development tabled an updated version. Christianson says that the existing laws have become problematic in adequately combatting cybercrime and the new Bill is needed to effectively “fill-the-gaps” that exist in current legislation and the common law.

“According to the South African Banking Risk Information Centre (SABRIC), South Africa’s annual loss is estimated at R2,2 billion, making it a significant threat to an already volatile economy.”

While the Bill does no longer address cybersecurity, he says that it will provide a framework for combatting cybercrime. Initially drafted in 2015, it addresses criminal activity that is computer-based and is related to unlawful access to, interference with or distribution of data, electronic communications, information systems and networks. He says the Bill also creates new offences for hacking; phishing, cyber bullying, unlawful interception and distribution of data, ransomware, cyber forgery and extortion, as well as acts involving malware and identity theft. Anyone convicted is likely to be fined and/or imprisoned up to 15 years.

The Bill is also expected to align with international best practice: “There will be a requirement to co-operate with other countries to effectively deal with multi-jurisdictional cybercrime activity, as often the cyber offence is created in one jurisdiction and felt in another,” says Christianson.

As a country, with the third highest number of cybercrime victims worldwide, South Africa is a target. Christianson says that mobile technology will further impact users as the country’s growing reliance on the app economy and other mobile trends will drive cyber criminals to penetrate mobile networks: “As devices become more connected and smarter, users are more exposed and so the threat grows. Digitisation is a trend that has no end in sight and while it brings with it innovation and exciting changes, cybercrime continues to grow in parallel.”

While the timeframe for the Bill’s signature is uncertain, Christianson says that it is at least in its final stages and once signed into law, the law-enforcement industry can become more proactive in its pursuit of cybercriminals.

South Africa adopts Cybercrime Bill

Source: South Coast Sun

Parliament’s Justice Committee officially adopted the Cybercrimes and Cybersecurity Bill last week. The Bill is aimed at bringing South Africa in line with other countries’ cyber laws and the threat of cybercrime, and it has introduced new laws regarding ‘malicious’ electronic communication.

BusinessTech outlined these proposed new crimes below:

* Any person who contravenes one of the following provisions is liable on conviction to a fine or to imprisonment for a period not exceeding three years, or to both a fine and imprisonment.

* A message which incites damage to property or violence.

* Any person who unlawfully makes available, broadcasts or distributes by means of a computer system, a data message to a person, group of persons or the general public with the intention to incite:
(a) the causing of any damage to property belonging to; or
(b) violence against, a person or a group of persons.

* A message which threatens persons with damage to property or violence. As an extension of the above, the Bill also makes it an offence to distribute messages which threatens a group of people with violence, or with damage to their property.

The Bill clarifies that ‘group of persons’ means characteristics that identify an individual as a member of a group. These characteristics include without limitation: Race; gender; sex; pregnancy; marital status; ethnic or social origin; colour; sexual orientation; age; disability; religion; conscience; belief; culture; language; birth and nationality.

* A message which unlawfully contains an intimate image.

By Lily Hay Newman for Wired 

For two hours on Monday, internet traffic that was supposed to route through Google’s Cloud Platform instead found itself in quite unexpected places, including Russia and China. But while the haphazard routing invoked claims of traffic hijacking—a real threat, given that nation states could use the technique to spy on web users or censor services—the incident turned out to be a simple mistake with outsized impacts.

Google noted that almost all traffic to its services is encrypted, and wasn’t exposed during the incident no matter what. As traffic pinballed across ISPs, though, some observers, including the monitoring firm ThousandEyes, saw signs of malicious BGP hijacking—a technique that manipulates the web’s Border Gateway Protocol, which helps ISPs automatically collaborate to route traffic seamlessly across the web.

ThousandEyes saw Google traffic rerouting over the Russian ISP TransTelecom, to China Telecom, toward the Nigerian ISP Main One. “Russia, China, and Nigeria ISPs and 150-plus [IP address] prefixes—this is obviously very suspicious,” says Alex Henthorne-Iwane, vice-president of product marketing at ThousandEyes. “It doesn’t look like a mistake.”

Malicious BGP hijacking is a serious concern, and can be exploited by criminals or nation state actors to intercept traffic or disrupt a target service—like Google. But the technique also has a dopey, well-intentioned cousin known as a prefix leak, or sometimes “accidental BGP hijacking.”

In both cases, rerouting occurs when an ISP declares that it owns blocks of IP addresses that it doesn’t actually control. This can be an intentional deception, but can also simply come down to a configuration error that, while disruptive, is not intentional. On Monday, a Google spokesperson said that the company didn’t see signs of malicious hijacking, and instead suspected that the Nigerian ISP Main One had accidentally caused the problem.

“The problem here is a failure to apply basic best current practices to these routing sessions.”

There are minimum best practices that ISPs should implement to keep BGP routes on the up and up. These are important, because they apply filters that catch errors in the event of a route leak and block problematic routes. Not all ISPs implement these protections, though, and in a prefix leak like the one that affected Google, traffic will flow chaotically across networks, not based on efficiency or established paths, but based on which networks haven’t put the BGP safeguards in place and will therefore accept the rogue routing.

Indeed, on Tuesday morning Main One said in a statement that, “This was an error during a planned network upgrade due to a misconfiguration on our BGP filters. The error was corrected within 74mins.”

In this case, it appears that the Russian and Chinese ISPs, and perhaps others as well, offered a path to the Google traffic because they hadn’t implemented protective configurations.

The protocols underlying the internet were written decades ago, in a different era of computing, and many have needed major security overhauls and additions to improve trust and reliability around the web. There was the effort to encrypt web traffic with HTTPS, and the growing movement to secure the internet’s Domain Name System address lookup process so it can’t be used to spy on users, or for malicious rerouting.

Similarly, ISPs and internet infrastructure providers are starting to implement a protection called Resource Public Key Infrastructure that can virtually eliminate BGP hijacking, by creating a mechanism to cryptographically confirm the validity of BGP routes. Like HTTPS and DNSSEC, RPKI will only start to provide true customer protection when a critical mass of internet infrastructure providers implement it.

“This incident had a non-trivial impact because Google and some other prominent network routes were accidentally leaked,” says Roland Dobbins, a principal engineer at the network analysis firm Netscout. “But the problem here, as it is in most of these cases, is a failure to apply basic best current practices to these routing sessions. The key is for network operators to participate in the global operational community, get these kinds of filters put in place, and move to implement RPKI.”

While Google’s incident wasn’t a hack and instead gets into obscure internet protocol drama, the impact for users on Monday was apparent—and shows the pressing need to resolve issues with BGP trust. The flaw has been maliciously hijacked before, and could be again.

Source: Fin24

South African businesses of all sizes, including educational institutions, have been particularly hard hit by an onslaught of cyber-attacks, although this is not always public knowledge, according to Kerry Curtin, cyber risk expert at Aon South Africa.

Cyber risk was ranked as the #1 risk facing educational institutions and is likely to remain so for the foreseeable future, according to Aon’s 2018 global risk management survey.

Curtin says the potential theft or leakage of data, particularly confidential information in an educational setting, should be top of the list in risk planning.

“The need to strengthen institutional resiliency against potential damage, compromising hacks and downtime is crucial,” she adds.

This is because schools, like any other business, are increasingly dependent on technology. The knock-on effect of a cyber incident at an educational facility has the potential to be financially and reputationally catastrophic.

For example, in 2016 it was reported that the University of Limpopo’s website was taken down, leaking exam papers and the details of over 18 000 students, in addition to perpetrators publicly posting what was believed to be the login details for the University’s intranet.

The sheer number of cyber-attacks on educational institutions suggests that the sector is not as prepared as it should be in its efforts to safeguard networks, according to Curtin.

Aon provides the following tips for the education sector:

Safeguard institution-owned devices

All computers, laptops and smart devices owned by the educational institution should at the very least have a current anti-virus programme installed, in addition to adware and malware protection.

One of the biggest threats to any business is the people operating these devices and their naivety regarding cyber risks, so education is key.

BYOD policy

The practice of students and staff members bringing devices to school or university that interact with the institution’s network is very likely. The first line of defence is keeping guest devices separate from the network, allowing the institution to keep data secure on an administrative network, as well as monitor traffic more closely.

When it comes to sending sensitive information, it is crucial to implement a secure file exchange solution that can protect against cyber threats such as phishing scams.

Multi-factor authentication

While passwords alone do not provide adequate levels of security and hackers are able to circumvent physical biometrics such as fingerprint identification as a single layer of authentication, Multi-Factor Authentication (MFA) is fast becoming the next line of defence.

Social media policy

Not only does the policy need to stipulate what is deemed as acceptable behaviour from employees and students, but it also needs to explain what the benefits are of becoming an ambassador for the brand and the legal ramifications inherent to social media platforms.

Fired Moyane demands reinstatement

Source: Fin24

Axed SARS boss Tom Moyane has written to President Cyril Ramaphosa demanding that Ramaphosa withdraw his letter of termination to Moyane before the end of the week.

In a letter issued via his attorney Eric Mabuza on Tuesday, Moyane gave Ramaphosa a deadline of 12 noon on Friday November 9 to withdraw the termination on grounds that the president’s conduct was “irrational, unlawful and invalid”.

“[W]e are instructed to demand, as we hereby do, that you must forthwith withdraw your letter of termination dated 1 November 2018, restore the status quo which obtained before the service thereof (i.e. that our client is suspended with pay pending the outcome of the Disciplinary Inquiry) and duly await the outcome of the pending Constitutional Court application and/or the Disciplinary Inquiry,” the letter reads.

Last week the Presidency confirmed that President Cyril Ramaphosa had fired Tom Moyane as the commissioner of the South African Revenue Service (SARS).

Ramaphosa had heeded the recommendations of the Nugent Commission of Inquiry, which submitted its interim report at the end of September.

Retired judge Robert Nugent and his assistants unanimously agreed that Moyane does not have the character of a person fit to lead Sars and he should be removed from office as a matter of urgency.

By Genevieve Quintal for Business Live

The VBS Mutual Bank is “hopelessly insolvent” and should be wound up as the purpose and object of the bank no longer exists.

This is according to the Reserve Bank’s Prudential Authority’s application to the high court in Pretoria.

The bank was placed under curatorship in March after looting by executives led to a liquidity crisis. A damning Reserve Bank report by advocate Terry Motau and Werksmans Attorneys, released earlier in October, detailed looting at VBS bank of nearly R2bn and identified the role of political players from the ANC and the EFF.

In an affidavit to the high court, Prudential AuthorityCEO Kuben Naidoo said the bank was hopelessly insolvent.

“Despite the efforts of the curator, the vortex of the black hole created by the role-players named in the investigator’s report, has resulted in the disappearance of VBS’s substratum and it being objectively impossible for VBS to achieve the purpose of its existence,” he said.

This decision will not sit well with various ANC MPs and those from the EFF who have called for the bank to be recapitalised.

During his maiden medium-term budget policy statement (MTBPS) last week, finance minister Tito Mboweni also indicated that the embattled bank could be saved. But Naidoo said the restatement of the 2017 financial statements, which were falsified and signed off by KPMG partner Sipho Malaba, was a monumental task for the curator, Anoosh Rooplal, to reconstruct the VBS balance sheet.

The results of this indicated that VBS’s liabilities exceed its assets and therefore it was “factually insolvent”. Naidoo said there was no possibility that VBS would be in a position to pay its debts and there was no possibility or prospect of the bank becoming a successful concern.

Rooplal also determined that curatorship was no longer viable for VBS.

It was necessary to bring an end to the curatorship as it would enable a liquidator to utilise the mechanisms provided by the insolvency and company law legislation, to recover monies from recipients in terms of void and impeachable transactions.

Naidoo said that after receiving a letter from the curator and after considering the investigator’s report he, in consultation with the governors of the Reserve Bank, determined that VBS must be placed in final winding up. “VBS is hopelessly insolvent and massive frauds have been perpetrated against it. There is no prospect of entering into any resolution plan in respect of VBS.”

The present activities relating to VBS are primarily directed at recoveries resulting from the thefts and frauds addressed in the Motau’s report, he said, adding that in the circumstances, it would not serve any purpose to grant a provisional winding-down order, as the conclusion of the “hopeless financial position” and the conduct of those who managed VBS, was unavoidable

He has asked the court to hear the urgent application to finally liquidate VBS on November 13, and has also asked the high court to appoint Rooplal as the liquidator as he has been inextricably involved in the affairs of VBS for the past seven months.

Source: MyBroadband

If your bank card gets stolen and you cancel it, this does not automatically mean that all payments from it will be blocked.

This was the case when two FNB customers contacted MyBroadband about their frustrating experiences with the bank.

The customers both had their FNB bank cards stolen in different scenarios – and both contacted FNB to have their cards cancelled.

Despite cancelling the cards, both users noted small payments still going off their bank accounts via card transactions.

The charges were toll gate fees.

In one case, the customer reportedly asked FNB why the cancelled card could still make transactions. He said he was told by FNB that he would have to blacklist the card, on top of cancelling it, to stop the transactions.

In the other case, the customer stated that all he could do was get a refund for the toll gate fees.

This customer subsequently contacted the toll gates where his card was being used to ask them to block transactions on it.

He also managed to obtain an image of the vehicle using his stolen card – it was a white Toyota minibus taxi with a Gauteng registration.

FNB responds
MyBroadband contacted FNB for feedback on the matter, and the bank confirmed that the bank cards were cancelled as described above.

“Unfortunately, due to toll gate merchants operating in an offline environment, this prevents them from obtaining authorisation from the bank for transactions of this nature. As a result, additional transactions were posted,” said FNB.

“The customer will not incur any loss resulting from fraud in this scenario.”

FNB was asked what a bank customer should do to ensure their cancelled card is not used to make these types of transactions, but the bank did not provide feedback.

Offline transactions
According to PASA (Payments Association of South Africa) documents, lost and stolen card fraud at toll gates has been highlighted as a significant concern in recent years.

“Although toll card transactions are a card present transaction, fast throughput of vehicles is important and transactions are thus processed in an offline and delayed manner – cleared in batch,” states PASA.

“Importantly, unlike any other offline card present card transactions, toll gate transactions are not verified by the cardholder in any way.”

It added that while toll gate transactions are checked against the “Hot Card” file, this “only contains a limited number of all lost and stolen card details”.

OUTA warns of e-toll malware scam

OUTA has notified members on its Facebook page that a highly suspicious SMS is doing the rounds with regards to e-tolls.

The organisation notes that before members of the public can appear in any court for any matter, they need to be summonsed.

This SMS is a scam to cash in on people’s fear in light of the current uncertainty around e-tolls. The link contains a link to documents which contain malware. The public is advised not to open the link, and to delete the SMS immediately.

         

           

Follow us on social media: 

               

View our magazine archives: 

                       


My Office News Ⓒ 2017 - Designed by A Collective


SUBSCRIBE TO OUR NEWSLETTER
Top