Durban — The South African Defence Force (SANDF) has dismissed claims that its system was hacked following reports that there was a data breach in the military’s information system.
The SANDF issued a statement dismissing these claims and suggested that insider information may have leaked from within one of its own departments.
“It can be confirmed that the system of the Department of Defence has not been hacked. This is the work of criminal syndicates within the cyberspace aided through information leaked from the department,” said the statement.
Last week a hacker group by the name of Snatch claimed credit for the breach, saying it had extracted 200 terabytes of data from the defence’s network.
Snatch, is named from the iconic Guy Ritchie movie and is a backronym for “Security Notification Attachment”.
President Cyril Ramaphosa's phone number is included in the information the group claims it retrieved from the SANDF’s database.
SANDF spokesperson, Siphiwe Dlamini, said after a week of investigations they have found that their systems have never been hacked.
He said there are continuous investigations to find the perpetrators and bring them to book.
South Africans should rest assured that the national defence’s information systems are secure and various measures have been taken to ensure state and classified information is not compromised, he said.
“Preliminary investigations have been conducted by the department in this regard. The Department of Defence has policies in place that prohibit unauthorised access and sharing of classified information,” said Dlamini.
The attackers who claimed responsibility for breaching the South African Department of Defence and exfiltrating data have told news site, “MyBroadband”, that they still have access to the network, in an interview they did with the site.
Snatch has subsequently told “MyBroadband” that they’ve had access to the defence’s systems for around six months and downloaded 1.6TB of data — the claimed uncompressed size of the archive posted to their website.
“The attack on South Africa has lasted for about half a year, starting as early as the end of 2022,” Snatch said.
“Ministry of Defence officials were categorically unwilling to accept information about penetration into the secure government network.”
Snatch said it made its first calls with warnings that the network is vulnerable in November 2022. They said they contacted the same officials on the list they posted to their website.
WhatsApp your views on this story to 071 485 7995.
Daily News