By Given Majola for IOL

While cybercrime has increased significantly, there are not enough cybersecurity professionals to keep businesses and individuals safe, leaving them in great jeopardy, says Fortinet regional sales manager Doros Hadjizenonos.

He said the shortage of skilled cybersecurity professionals was in the millions globally – affecting up to 82 percent of organisations and possibly tens of thousands in South Africa.

“The Life and Times of Cybersecurity Professionals 2021 report from the Information Systems Security Association and the industry analyst Enterprise Strategy Group shows the cybersecurity skills shortage has not improved and the State of Cybersecurity 2021 reports that 55 percent of survey respondents have unfilled cybersecurity positions.

“At the same time, cyberattacks are soaring. FortiGuard Lab’s midyear Global Threat Landscape Report reveals that ransomware alone has grown over tenfold over the past 12 months,” said Hadjizenonos.

Fortinet, an American multinational corporation that develops and sells cybersecurity solutions, said in the face of a growing cybercrime onslaught, industry leaders, governments and civil society were questioning where the necessary cybersecurity skills would come from to defend organisations against the risks.

Hadjizenonos said in South Africa they believed the answer to the skills shortage lay within the ranks of smart but unemployed youth.

“With up to 44 percent of our labour force without work and as many as 59.5 percent of unemployed people under the age of 35, we have a vast army of potentially tech-savvy people capable of being trained into cyber security positions.

“What’s more, many of these unemployed young people have tertiary qualifications: the graduate unemployment rate is 40.3 percent for those aged 15 to 24 and 15.5 percent among those aged 25 to 34.”

The firm said with the right training and experience, these young people had the potential to bolster a new cyber defence force to support the country’s Fourth Industrial Revolution.

To close the gap, Fortinet said it was committed to closing the cybersecurity skills gap challenge by providing training, certifications and resources through its Training Advancement Agenda initiatives and NSE Training Institute programmes.

Fortinet said it has made all of its self-paced online courses from the Network Security Expert Training Institute available for free, to give all levels of students or information and communications technology practitioners a foundational and advanced understanding of cybersecurity tools and principles.

Since making more than 30 courses available free to anyone worldwide, there have been more than one million registrations for the training courses.

Those interested in transitioning into a career in cybersecurity could also take advantage of Fortinet’s education pathways to enhance their skill sets in specialised areas such as security operations, security-driven networking, adaptive cloud security and zero trust access.

Meanwhile, the Security Academy Programme enables educational institutions around the world to help learners become part of an elite group of skilled cybersecurity professionals.

There are now 420 authorised security academies in 85 countries and territories around the world, including five in South Africa.

Fortinet said it had bolstered its commitment to address the cybersecurity skills gap by pledging to train one million people globally across the next five years through its various training programmes and corporate social responsibility efforts.

 

School robbed of laptops, groceries

By Molaole Montsho for IOL

Four men were arrested for allegedly stealing 18 laptops, a projector and groceries valued at R78 000 from a school in Bloemfontein on Tuesday.

Free State police spokesperson Brigadier Motantsi Makhele said the men, aged between 17 and 25, were arrested on Tuesday morning after police acted on an intelligence-driven operation around Ipopeng and Freedom Square.

“A principal from the local school in Olive Hill, Navalsig, received an alarm notification from school. Upon arrival at about 08.30, he realised that a window to the storeroom was broken. He discovered that 18 HP laptops, school feeding scheme groceries and a projector, all valued at R78 000, were stolen. A case of burglary was opened for investigation,” Makhele said.

The first suspect was apprehended in Ipopeng, where one laptop was recovered. Information led police to Freedom Square where 11 more laptops were recovered and three suspects arrested, Makhele said.

“Upon further investigation, police recovered three more laptops that were already sold to a second-hand goods dealer in town. Investigations are under way to recover the remaining laptops.”

The four are expected to appear in the Bloemfontein Magistrate’s Court soon facing charges of business burglary and the possession of suspected stolen property.

Free State provincial commissioner Lieutenant-General Baile Motswenyane advised residents to refrain from buying suspected stolen goods as they would also be charged. She encouraged second-hand goods dealers to request proof of ownership when they bought second-hand goods.

In the Eastern Cape, two men were arrested on Tuesday in connection with a house robbery in Gelvandale, police said.

Spokesperson Captain Sandra Janse van Rensburg said a woman was woken by a noise at 1am to find three men in her bedroom.

The suspects fled with a television set and her cellphone.

The woman woke up the other occupants in the house and, while they were waiting for the police to arrive, the suspects returned. As the police arrived on the scene, they were informed that the the suspects had returned and a description of the suspects was provided to them.

The police received information that the men were hiding in a house in Gelvandale.

Two suspects were arrested and the stolen television set recovered.

The suspects, aged 19 and 20, were arrested on charges of house robbery and will appear in the Gelvandale Magistrate’s Court during the week.

 

The entirety of Twitch has been leaked

By Chris Scullion for Video Game Chronicles 

An anonymous hacker claims to have leaked the entirety of Twitch, including its source code and user payout information.

The user posted a 125GB torrent link to 4chan on Wednesday, stating that the leak was intended to “foster more disruption and competition in the online video streaming space” because “their community is a disgusting toxic cesspool”.

VGC can verify that the files mentioned on 4chan are publicly available to download as described by the anonymous hacker.

One anonymous company source told VGC that the leaked data is legitimate, including the source code for the Amazon-owned streaming platform.

Internally, Twitch is aware of the breach, the source said, and it’s believed that the data was obtained as recently as Monday.

Twitch has confirmed the leak is authentic: “We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.”

The leaked Twitch data reportedly includes:

  • The entirety of Twitch’s source code with comment history “going back to its early beginnings”
  • Creator payout reports from 2019
  • Mobile, desktop and console Twitch clients
  • Proprietary SDKs and internal AWS services used by Twitch
  • “Every other property that Twitch owns” including IGDB and CurseForge
  • An unreleased Steam competitor, codenamed Vapor, from Amazon Game Studios
  • Twitch internal ‘red teaming’ tools (designed to improve security by having staff pretend to be hackers)

Some Twitter users have started making their way through the 125GB of information that has leaked, with one claiming that the torrent also includes encrypted passwords, and recommending that users enable two-factor authentication to be safe.

If you have a Twitch account, it’s recommended that you also turn on two-factor authentication, which ensures that even if your password is compromised, you still need your phone to prove your identity using either SMS or an authenticator app.

To turn on two-factor identification:

  • Log on to Twitch, click your avatar and choose Settings
  • Go to Security and Privacy, then scroll down to the Security setting
  • Choose Edit Two-Factor Authentication to see if it’s already activated. If not, follow the instructions to turn it on (you’ll need your phone)

The torrent also reportedly includes Unity code for a game called Vapeworld, which appears to be chat software based on Amazon’s unreleased Steam competitor Vapor.

Meanwhile, Vapor, the codename for an alleged in-development Steam competitor, is claimed to integrate many of Twitch’s features into a bespoke game store.

Finally, the leaked documents allegedly show that popular streamers such as Shroud, Nickmercs and DrLupo have earned millions from working with the popular streaming platform.

What it doesn’t include is money that streamers have earned outside of Twitch, including merchandise, YouTube revenue, sponsorships and external donations.

The anonymous leaker has stated that this is just the first part of the content due to be leaked, but hasn’t stated what they plan to also release.

One cyber security expert said on Wednesday that, if fully confirmed, the Twitch hack “will be the biggest leak I have ever seen”.

Twitch has regularly found itself under fire from creators and users who feel the site doesn’t take enough action against problematic members of the Twitch community.

Last month a group of Twitch streamers called on other channels and viewers to boycott the site for 24 hours as a response to hate raids.

On the same day as the campaign was initially announced, Twitch posted a thread on Twitter explaining that it was attempting to stop hate raids but that it was not “a simple fix”.

“No one should have to experience malicious and hateful attacks based on who they are or what they stand for,” it stated. “This is not the community we want on Twitch, and we want you to know we are working hard to make Twitch a safer place for creators.

“Hate spam attacks are the result of highly motivated bad actors, and do not have a simple fix. Your reports have helped us take action – we’ve been continually updating our sitewide banned word filters to help prevent variations on hateful slurs, and removing bots when identified.

“We’ve been building channel-level ban evasion detection and account improvements to combat this malicious behaviour for months. However, as we work on solutions, bad actors work in parallel to find ways around them – which is why we can’t always share details.”

 

Department of Justice hacked

By Jan Vermeulen for MyBroadband

At least 1 200 files were exfiltrated from Department of Justice computer systems before attackers infected them with ransomware and brought South Africa’s legal system to its knees.

This is according to a notice published by the Information Regulator of South Africa to inform its users of the breach.

It said that according to the Department of Justice and Constitutional Development (DoJ&CD), these files may have contained personal information such as addresses and bank account details.

Personally identifying information of South Africa’s information officers may also have been exposed.

The Information Regulator said that the following personal information might have been exposed:

  • Names, addresses, identity numbers, and phone numbers of information officers
  • Names, residential addresses, identity numbers, phone numbers, qualifications, bank accounts, and salaries of employees
  • Names, addresses, and bank details of the service providers.

The Regulator noted that this is just an early indication of the type of personal data that might have been compromised.

“The DoJ&CD has indicated in its report to the Regulator that at this stage, the investigations are inconclusive in terms of the exact nature of the information that was sent outside the ICT systems of the DoJ&CD,” it stated.

“Therefore, the types of personal information of its data subjects that may have been compromised is not yet determined.”

In addition to details of the data breach, the Information Regulator also revealed that it only found out about the attack because of a media statement issued by the DoJ.

“The Regulator became aware of the possible security compromise through a media statement on 9 September 2021 and was officially notified on 13 September 2021,” it stated.

It was only formally notified after reminding the department of its obligation to notify the Regulator and data subjects per section 22 of the Protection of Personal Information Act (POPIA).

The Information Regulator explained that the attack on the DOJ&CD places it in a curious position.

When the Information Regulator was established, as an interim measure, its computer systems were set up under the structures of the Department of Justice.

This makes the Information Regulator a “data subject” of the department and a “responsible party” that must notify its own data subjects in terms of POPIA.

The DoJ&CD was hit by a ransomware attack on 6 September, knocking several critical systems offline. These included:

  • E-mail
  • Bail services
  • Payment of child maintenance
  • No way to correspond with magistrates or judges — no one can file court papers
  • Recording and transcription of court proceedings offline
  • Master’s offices

Several cases in South Africa’s lower courts were postponed due to the outage, and the court system remains disrupted as the DoJ&CD works to restore its IT systems.

On 17 September, the department said it had recovered some functionality of its system for child maintenance payments, MojaPay.

The Master’s Offices around South Africa have been forced to revert to manual systems, also causing severe disruptions with the following services impacted:

Deceased estates — including issuing letters of executorship and urgent payments out of frozen bank accounts
Curatorships
Orphans whose affairs are being managed by the state
Democratic Alliance MP and former prosecutor Glynnis Breytenbach has said that the disruption to the Master’s Offices is a significant concern.

“They are no longer geared to operate manually. They don’t have the staff,” she stated.

“We need to get these systems back up and running. The Master’s office is so dysfunctional this is going to be the last straw,” she said.

Example of ransomware note without specific amount demanded, pointing victim to a dark web chat service.
The Information Regulator said it currently does not know the person’s identity that broke into the DoJ&CD’s systems. An investigation is underway.

In correspondence received from the DoJ&CD dated 20 September 2021, the Regulator was informed that the issue was detected within the Citrix environment — where applications are hosted.

Connectivity was lost between application and database servers on the evening of 05 September 2021, and, as a result, all user accounts on the Active Directory were locked.

The analysis of the attack concluded that it was a malware infection suspected to be ransomware.

The DoJ&CD informed the Regulator that even though the person’s identity that breached their systems is unknown, the investigation has led to the discovery of text files consistent with ransomware.

These files contain instructions to the department to contact what seems to be the perpetrators.

However, the DoJ&CD has advised that no demand for money has been made as of 20 September 2021.

A source has told MyBroadband that the claim from the DoJ that they didn’t receive a ransom amount is incorrect and that the attackers have asked for 50 bitcoin — around R33 million.

The DoJ&CD has disputed this and maintained that it has received no ransom demand.

 

Absa launches facial recognition

By Masabata Mkwananzi for IOL

Absa has officially launched its facial recognition technology in its Android and iOS apps. Now, customers can easily link their unique facial features with their mobile devices to create even greater security.

According to Absa, the ID Facial Biometrics uses facial mapping technology to verify and identify customers when linking a device to their Banking App, and this will provide an additional layer of security.

“Technology is leaping ahead faster than ever, and it’s up to us to ensure that you stay right at the cutting edge. We are, therefore, proud to introduce the Absa ID Facial Biometrics to our Absa Banking App,” the statement reads.

The bank adds that the ID Facial Biometrics will link your unique facial features to your mobile device to create a security barrier that only you can unlock.

The new feature is said to improve the customer’s overall banking experience by reducing trips to the bank to link their devices to their banking app. Now, Absa can safely and seamlessly identify and verify you using your unique face.

“The technology will recognise your face and automatically link your relevant accounts and products, and make immediate payments more securely and conveniently,” the statement said.

Absa says its biometric facial recognition technology is a first for its digital banking security, backed up with highly acclaimed honours. It previously won the Best Digital Innovation Initiative in the Transaction Banking category at the Digital Banker Middle East & Africa Innovation Awards this year.

Here’s what a user will need to set up Absa’s ID Facial Biometrics feature:

  • The latest version of the Absa Banking App
  • A valid cellphone number registered with Absa
  • A valid identification photograph with the Department of Home Affairs

 

By Vernon Pillay for IOL

Debt-IN, a debt recovery solutions partner to many South African financial services institutions, including African Bank, has announced that a ransomware attack by cybercriminals has resulted in a significant data breach of consumer and employee personal information.

It is suspected that consumer and personal information of more than 1.4 million South Africans were illegally accessed from Debt-IN servers in April this year.

It should be noted that this breach only came to light last week with the discovery that confidential consumer data and voice recordings of calls between Debt-IN debt recovery agents and financial services customers had been posted on hidden internet sites that are only accessible by a specialised web browser.

According to Debt-IN, the company is working closely with the regulator, law enforcement agencies and other cyber-security partners to rapidly gather facts, resolve the issue and provide ongoing information to clients.

Earlier on Wednesday, African Bank confirmed that one of its appointed professional debt recovery partners, Debt-IN, was targeted by cybercriminals in April 2021.

According to a statement by the bank, Debt-IN is now aware that the personal data of certain customers, including a number of African Bank Loan customers under debt review, has been compromised.

African bank said that Debt-IN is confident that no data shared post-April 1, 2021, has been compromised.

“A robust mitigation plan has been implemented by Debt-IN to contain and reduce any further adverse impact,” the bank said on Wednesday.

“We have been collaborating with Debt-IN to address this breach. We have notified the relevant regulatory authorities, and we are also in the process of alerting customers who have been affected via email and SMS.”

African Bank customers can call 0861 111 011 if they suspect any fraudulent activity on their accounts.

According to the debt recovery firm: “While the investigations are ongoing and the analysis subject to change, the findings to date show there has been no further breach and enhanced data protection measures remain securely in place.”

“The company has taken immediate and appropriate actions to reinforce existing security measures and to mitigate any further potential impacts of the breach, including assembling a team of highly regarded and globally experienced cyber breach and forensic experts to work with Debt-IN on the incident.”

“Debt-IN deeply regrets this cyberattack, and we apologise unreservedly for the inconvenience and anxiety this the data breach has caused our clients, and their customers,” says Mark Essey, CEO.

“We are taking this matter very seriously. In this age of highly sophisticated information security threats and an estimated 17 billion cyberattacks around the world every day, Debt-IN is committed to doing all it can to protect clients’ information.

 

Hawks arrest Experian breach suspect

Source: ITWeb

The Hawks’ Serious Commercial Crime Investigation unit has arrested a 36-year old suspect in Gauteng for his alleged involvement in last year’s Experian data breach.

Last August, credit bureau Experian suffered a data breach that exposed the personal information of as many as 24 million South Africans and 793 749 business entities to a suspected fraudster.

In a statement released today, the Hawks says Experian is believed to have entered into a contract with the suspect who was disguised as a business owner.

“The suspect purported to be a certain Tebogo Mogashoa, a director of Talis Holdings. The agreement [with Experian] gave the person access to the personal information held by the credit bureau of millions of people. The suspect then proceeded to download approximately 23 million personal data records and 727 000 business records. The suspect then attempted to sell these records at about R4.2 million,” the Hawks statement reads.

Following the data breach incident, it emerged that some data from the credit bureau was later compromised and dumped on the Internet.

According to a report by iAfrikan, after investigations and a tip-off, the alleged Experian database was made available on the Web – on publicly viewable Web sites and forums.

Experian confirmed at the time that the files found on the Internet were identified as files which contain Experian data relating to the data breach incident, noting that it was taking all steps available to investigate the incident and reduce further dissemination of information.

A new fake online shop is scamming South Africans out of money by claiming to sell stolen goods recovered from the looters who ransacked stores in July’s unrest. This is according to a recent report by MyBroadband.

  • Bulksales.store was brought to the attention of MyBroadband after one of our forum members asked whether it was a scam site
  • It has one Hellopeter rating was available — a negative review from a customer claiming to have lost money and stating that the store was a scam
  • The site looks clean, with a professional-looking design
  • It carries huge discounts on premium tech products, which included products like an Xbox Series X selling for R6,000, a discount of 50% from its normal price R12,000
  • The site claims that it was selling the items “so that all looted store (sic) can get their insurance payouts”
  • Major retailers like Game, Makro, Incredible Connection, HiFi Corp, Matrix and iStore were shown on the page, implying that the recovered loot was originally from these stores, but such stores deny they are reselling stolen goods
  • Contact Us section had a warehouse address which was actually an office space
  • No contact number available, only an email address
  • Plagiarised Terms and Conditions copied largely (83%) from a business-to-business marketplace called Lantador
  • Suspicious Return/Refund section was generated using a generator tool
  • Expensive courier options with a R1,800 Express option.
  • Unusually long delivery times ranging from 3 (Express) to 31 days (Standard)
  • The support phone number was listed on Truecaller as “Scam”

Source: News24

Shoprite has decided not to reopen six of the 231 stores that have been “significantly” damaged during the civil unrest in KwaZulu-Natal and Gauteng in July.

Some 83 stores remained closed, with 47 of these stores “significantly impacted by fire”.

“[The] process of reopening for these stores will be mixed: some may open in the coming months, some may take a year, others will require new premises,” the group said.

In a presentation, Shoprite CEO Pieter Engelbrecht said that the group managed to reopen some stores that were “completely destroyed” within six days.

Unrest damage will be covered by insurance, and Shoprite already received its first payment from the state insurer Sasria. But some costs, including additional security at other stores during the unrest, can’t be recouped.

Engelbrecht said that at stores that were not damaged during the unrest, sales momentum was “very good” following the year-end. Its full-year dividend increased by 42% to 544 cents per share.

How Sasria will pay unrest claims

By Khulekani Magubane for News24

As the South African Special Risk Insurance Association (Sasria) works through claims in the wake of violent unrest and looting in July, any allocations beyond the R3.9 billion it got in July will be outlined in Finance Minister Enoch Godongwana’s medium-term budget policy statement.

This according to National Treasury’s deputy director-general for public finance, Mampho Modise, who was briefing Parliament’s Standing Committee on Appropriations on Tuesday.

The public unrest and looting in July had its beginnings in the outcry following the incarceration of former president Jacob Zuma for disregarding the Constitutional Court and refusing to subject himself to the Judicial Commission of Inquiry into State Capture. However, this quickly morphed into waves of violence that saw the looting and destruction of businesses, mostly in KwaZulu-Natal and Gauteng, with the cost of unrest exceeding R20 billion in KwaZulu-Natal alone and the impact on national GDP estimated to be R50 billion.

Sasria is a National Treasury entity that provides cover for loss or damage to insured property due to terrorism, political violence, strikes and riots. It has cover of up to R500 million and additional coverage of R1 billion. The association cannot cancel nor refuse cover. It said earlier in August that claims related to the violence had already surpassed R10 billion.

Modise also told the Standing Committee on Tuesday morning that a special appropriation bill to the tune of R32 billion would be funded through last year’s “higher-than-expected” revenue and would also go towards providing support towards people and businesses affected by July’s unrest, including those not covered by Sasria.

Modise said the allocations would be made in terms of the Public Finance Management Act (PFMA) and guidelines of each department. She said on top of higher-than-expected revenues, National Treasury requested that government departments re-allocate funds internally, rather than asking for more money.

“Funding for five votes was allocated, splitting the allocations in terms of section 16 of the PFMA for emergency funding and provisions for the Department of Trade Industry and Competition to assist companies affected [by the unrest], but not covered by Sasria,” said Modise.

Modise said the allocations of the special appropriation included R10 billion for the Department of Social Development, R1.3 billion for small businesses support to the Department of Trade, Industry and Competition and R3.9 billion for Sasria.

She said R16.7 billion for social development as well as R700 million to the Department of Defence and Military Veterans for the deployment of South African National Defence Force personnel and R250 million to the Police Ministry for appointment of more personnel to respond to unrest.

Regarding Sasria, Modise said National Treasury has been engaging regularly with the state-owned insurer and said the R3.9 billion injection gave Sasria room to balance its books as it works through claims.

“Because they don’t know how much they will need, since they have not assessed all of the claims, there is R3.9 billion and if there is more it can be dealt with in the medium-term budget policy statement, but this R3.9 billion is there to assist them,” Modise said.

Modise said 13.2 million people were likely eligible for a South African Social Security Agency’s Social Relief of Distress grant, which includes 7.3 million caregivers. A total of R26.7 billion will be transferred those in need.

Modise said the Department of Small Business Development and the Department of Trade, Industry and Competition made proposals for adjustments, with the Department of Small Business Development committing to reallocate R300 million internally.

The Department of Trade, Industry and Competition told National Treasury it will need R3 billion, but Treasury identified funds that could be reallocated. Following this, the department said it would reallocate R700 million from existing funds.

“When the riots started, the two departments approached Treasury. The Department of Small Business Development did a survey on the impact of the unrest and spoke to businesses. They are trying to do this on a continuous basis to update their numbers,” Modise said.

She said the Department of Public Works and Infrastructure would get R600 million for the refurbishment of critical infrastructure. A loan facility will assist manufacturers affected by unrest through restocking, fitting and other functions, she added.

She said the retail recovery support fund will provide interest-free loans to companies that are not covered by Sasria. Modise said the R12 billion contingency reserve has not be used for any new items outside of the health interventions.

The Standing Committee on Appropriations chair Sifiso Buthelezi said Sasria was due to appear before the committee on 8 September.

 

Follow us on social media: 

               

View our magazine archives: 

                       


My Office News Ⓒ 2017 - Designed by A Collective


SUBSCRIBE TO OUR NEWSLETTER
Top