South African agency waits three months to reveal data breach — importers and exporters furious
(000228.79-:E-000157.73:N-:R-SU:C-30:V)
South African importers and exporters are livid after the International Trade Administration Commission (Itac) notified them about a ransomware attack — more than three months after it happened.
Itac informed its stakeholders about the security incident this week and said the attack had happened in January already.
Itac’s functions include tariff investigations and import-export controls, requiring a wide range of personal and other sensitive information.
A notice from Itac chief commissioner Ayabonga Cawe warned that the attackers may have exfiltrated personal information submitted to the agency.
“The type of information held on ITAC’s servers includes personal information relating to ITAC’s employees, service providers, importers, exporters and other stakeholders,” it stated.
Cawe excused the delayed notification, saying they first needed to investigate and restore the integrity of their information systems.
“Also, it was considered vital not to pre-empt the investigations that had been initiated since ITAC became aware of the security compromise,” he said.
“We assure you that we have taken all the reasonable steps to contain the security compromise and to reduce the likelihood of similar incidents occurring in the future,” said Cawe.
“Over and above our ongoing investigation, we have requested our forensic service provider to remedy all weaknesses in our information technology environment.”
Cawe highlighted the following steps they took after the attack:
Immediately shut down affected servers and restored them from backups
Upgraded firewall and antivirus measures to the highest possible security levels
Reported the attack to the relevant authorities
Appointed a forensic service provider to conduct vulnerability and penetration testing.
Cawe said the penetration tester would also undertake a comprehensive forensic investigation to understand the nature and root cause of the breach, including the containment and recovery of their systems.
“The service provider will further assist us in ensuring that the remediation process is completed to prevent the reoccurrence of the security compromise,” he said.
However, Itac’s statement did not fill some stakeholders with confidence.
The Sunday Times quoted XA Global Trade Advisors as saying they were alarmed at how long it took Itac to notify potentially impacted companies.
They said clients participating in Itac investigations submit all kinds of confidential information, and they don’t yet know how their customers would react to the cyberattack notice.
Cawe reportedly doubled down, defending Itac’s approach.
He said they waited three months to issue a disclosure notice to avoid panic among stakeholders.
According to Cawe they have been transparent with the Information Regulator about the ransomware attack.
source:https://mybroadband.co.za/news/security/533419-south-african-agency-waits-three-months-to-reveal-data-breach-importers-and-exporters-furious.html
White Shop: A Handful of Hard Men: The SAS and the Battle for Rhodesia
It is difficult to find another soldiers story to equal Watts in terms of time spent on the field of battle and challenges faced. Even by the lofty standards of the SAS and Special Forces, one has to look far to find anyone who can match his record of resilience and valor in the face of such daunting odds and with resources so paltry.
Audio: JEWS107: How Jews think: Emotional Vs Logical Thinking & its consequences for everyone
This is a very important lesson, and it may contain unique observations from my own analysis of these people. In here, you will also learn why Jews are masters of religion, and why that works for them. Christians do not stand a chance against Jews. Jews focus on winning, and Jews will outwit Christians and most whites with ease.
Racism:Taiwanese couple force black worker to have sex with dog
Even the Taiwanese (Chinese really) hate Blacks ...
