FIFI PETERS: If you’ve been following events at Transnet you would know that their IT systems were down for about six days or so. This follows a cyber attack on the group systems. Things have today been restored in most parts of the business, but it does raise questions about government’s readiness to deal with such attacks, as they are becoming a lot more common all over the world.
We have Brandon Naicker, the cybersecurity executive at LAWTrust joining us for more. Brandon, thanks so much for your time. How closely have you been following the story of Transnet?
BRANDON NAICKER: Hi, good day. We’ve been looking at it just in terms of what’s out there in the news. It seems that Transnet was compromised by a major cybersecurity incident. This isn’t uncommon in South Africa, as we’ve seen, lots of large – even small – companies falling victims to cyberthreat actors. Currently the investigation is under way, and we are looking to see what those results yield as to how that attack was performed.
FIFI PETERS: But what does seem common, Brandon, is that a lot of these companies, including Transnet, are caught off guard when it does happen – which raises questions about South Africa’s readiness to deal with such events.
BRANDON NAICKER: Definitely. It seems as if there was a malware attack such as ransomware which was planted on the various IT systems. This is not uncommon as well. We’ve seen quite a number of companies (suffering that). It’s difficult to mitigate these ransomware attacks. One could assume that poor cybersecurity practices led to this compromise, which is quite evidenced by the lack of business continuity and IT disaster recovery plans, which would allow them to at least continue working. The reports you’re seeing are suggesting that they now are working on manual processes, as most of the IT infrastructure is offline. We’ve seen this quite a lot in terms of companies being ill-prepared to manage this risk.
FIFI PETERS: Again, not unique to Transnet, and certainly not unique to South Africa. Earlier on in the year we had a major US pipeline that was hacked and ransom demanded in the form of Bitcoin. I believe the US government did pay and eventually got it back.
Staying in the US, they are still probing around interference regarding the 2016 election. But bringing it back home, should we then be worried that other state institutions may be targeted next after Transnet?
BRANDON NAICKER: Definitely. I think the biggest IT risk that a company can face is not having a mature cybersecurity programme in place that prepares the organisation for scenarios like this. It’s important to have preventive measures in place, but cyber attacks are inevitable; therefore you need to have controls in place to assist in the recovery when a cyber attack happens which (controls) should be based on business processes.
I think it’s important that these recovery plans must include the protection of sensitive information. Stakeholders such as business executives must be able to trust the information at hand during times like this. It is important to have out-of-band mechanisms and communication channels to share documents securely by digitally signing a document to protect the document’s integrity, as there could be malware embedded within the systems that could take months to eradicate. They need to have proper plans in place to make sure that they can recover and continue operations, which it seems Transnet did not have in this case.
FIFI PETERS: Yes. Brandon, thanks so much for your time. We will leave it there. That’s Brandon Naicker, the cybersecurity executive of LAWTrust.
I once had a conversation around cyber attacks, and it seems like the easiest way for these packages to get through, as it were, is by ordinary employees just sending what looks like an innocent email at the time, and just a click of the button allowing the hackers to infiltrate the system. So it really does also speak to the importance of training for employees in a company, even in a state institution, on how better to deal with such incidents given that they are growing in prominence.