Broadcast Type: Interview; Tags: State, Entities, Fallen, Victim, Hacking, Attack, Time, Ransomware, Attack, Infiltrated, International, Trade, Illustration, Commissions, Database, Damage, Joined, Attacks, Chief, Commissioner, Ayabonga, Cawe, Understand, Happening
another one of our state has entities fallen victim to a hacking attack time a ransomware this attack infiltrated the international trade and illustration commissions database and did there i'm joined some damage on the line by attacks chief commissioner ayabonga at cawe to take a look this and just understand what's happening here good evening commissioner always happy you i wish it were to under speak to better circumstances can you just give us some what's insight around happened and the extent of the breach good evening to you at jimmy and evening to your listeners good much for giving and thank you so us a chance to this particular to speak matter indeed we to speak often prefer to you under much better circumstances but it is what it is think and i as we've communicated over the last or so certainly day power of course we not isolated are as an entity on the receiving that has been end as production indicates also i think but globally a phenomenon are that we observing this phenomenon of fibre intrusion this instance in what has happened in our that case is that we our systems had a breach of where some of our interrupted services were by ransomware effectively affecting functioning some of the of our system give so maybe just to some of our listeners an indication what is meant by of this so we would ordinarily in our work also have service on site that then would kind of back some of up the large amounts you would of data as imagine that we would handle this would be the data and export of import and as some of our own so personnel and on and that is precisely those services that were reported earlier on this year effectively and disrupted and disturbed some of our work for some time now commissioner obviously the service and all the information that you have custody of is confidential information and you'd aim protect this to the extent of the ransomware has that been attack measured or quantified know which do you clients are affected and potentially what type of sensitive information may be compromised we can't really well say at this stage i think the statement that we and yesterday put out indicated that since we became aware of this and responded accordingly we have then subsequently i guess informed the south african police service and also we are working alongside regulator the information and alongside that we've also forensic commissioned a probe and that probe the following has to understand one how did this breach happen because for us at the time probably we had a few weeks prior to that made some considerable investment in our i infrastructure c t as part of our modernisation would want to so we understand this happened how it is that in the first instance to that but second what is the nature of information the that would have possibly been expelled the system from at this say stage we can't really because that probe is undertaking its and we certainly work pleased with our stakeholders those who and would have submitted all manner of information to itec to be patient that and allow process to run its course think once and i receive we are in a position to some indication on those two will issues we definitely be in a position to communicate commissioner do we know if the attack cos were the same that infiltrated the c c p in march and other government organisations or do we not have any clear information the around attacks as well we don't know the attacks are who in this don't know who case i also the attacks were the cipc who attacked so so i can't really say but i think in this instance we know who the attacks don't were and going forward the mitigation measures that you've put you touched on in place the fact that the business has or the organisation has efforts put in place to beef up the infrastructure to even prior this attack does this then you have to mean that change what you had in place or is it waiting put for outcome of the the investigations to identify gaps where the are and then a plugging the gaps as permanent solution ja three ja look i think things just briefly the first to me i think one is indeed correct your observation is we had already undertaken a process to one modernise our survey infrastructure investing capability some cloud and a range of investments to secure the very important information that would us sit with the second thing is that on guess i becoming aware of this we then to take some short had term measures one to ramp up some of that capability so is that that in the first instance shutting down one included the effective service that was then followed by restoration from some of our backup tapes so in addition to the service do back we up on certain kind infrastructure of cape as well and that to speedily then allowed us respond and recover the environment then i and think the third one is that we then had to upgrade our firewall where infrastructure firm our ports in particular for email correspondence we have to also ramp up our anti virus software to the highest levels security that are of available said and then as i of course commissioned this forensic probe identify to the root cause and also subsequently understand the extent and the the breach i guess nature of involved here all well we wish you the best in discovering the infiltrated dealing with that and accordingly we'll keep on that and hopefully an eye the information been compromised that has can be secured leave it at that going forward we'll commissioner thank you for the time and for the clarity is commissioner there that chief commissioner at the international and administration trade commissioner commission sorry ayabonga cawe me to reflect on joining the latest ransomware that affected attack the commission