POLITICS

Has DoD been a victim of a ransomware attack? - Kobus Marais

DA MP says unverified reports allege that Snatch group hacked into dept's systems

Has the Department of Defence been a victim of a ransomware attack?

25 August 2023

The Minister of Defence and and Military Veterans, Thandi Modise, should urgently provide clarity on unconfirmed reports claiming that the Department of Defence (DoD), possibly including Armscor, has been a victim of ransomware attack which has compromised sensitive military data, potentially placing the country’s national security at severe risk.

These unverified reports allege that a ransomware group called Snatch hacked into the DoD systems and extracted 1.6TB of data which allegedly contains military contracts, internal call signs, and personal information. The motive for this alleged attack is not clear, other than the fact that the ransom attackers are accusing the South African government of fuelling the “"international illegal arms trade".

Modise should make a public statement, either declining or confirming the veracity of the alleged ransomware attack. If indeed it is confirmed that an attack did take place, we need to know:

When the attack took place?

What kind of information was compromised?

How did the attackers manage to gain entry and compromise the DoD systems?

Whether the attackers have demanded a ransom?, and if so – how much?

While the country waits for a confirmation of this alleged ransomware attack, it won’t be surprising if it turns out to be true. The spending priorities in the DoD have been questionable for some time now – with most of the money going to non-essential defence related expenditure. This may have resulted in the DoD’s IT enterprise architecture becoming outdated and vulnerable to ransomware attacks.

President Cyril Ramaphosa, in his capacity as the Commander in Chief of the Defence Forces, and Min Modise must be held directly responsible if indeed it is confirmed that the DoD was a victim of a ransomware attack. Their neglect of our defence force, to a point where our defence readiness and capabilities are now in serious question, is unforgivable. South Africa’s national security has been severely compromised lately, with the Lady-R breach of national security still fresh in our memories, that it is now easy for criminal elements to breach our sensitive military data.

Depending on what Modise says concerning this alleged attack, I will be writing to the Chairs of the Portfolio Committee on Defence and of the Joint Standing Committee of Defence, requesting that we convene urgently to get answers on the vulnerabilities that our military value chain is exposed to.

Statement issued by Kobus Marais MP - DA Shadow Minister of Defence and Military Veterans, 25 August 2023