Nicola Mawson
Sibanye-Stillwater has become the latest victim of cybercriminals after its IT systems were affected globally, it said yesterday.
The dual-listed mining company experienced the hack four days ago, and alerted shareholders and the Information Regulator yesterday.
Sibanye-Stillwater, which has operations on five continents and mines, among others in platinum, palladium, rhodium and gold, said yesterday it had contained its systems and was bringing them back up slowly in a controlled environment.
The miner added that it is working towards fully mitigating the effects of the cyberattack.
“While the investigation into the incident is ongoing, there has been limited disruption to the group’s operations globally,” it told shareholders.
Sibanye-Stillwater’s spokesperson James Wellsted told Business Report the miner had yet to determine what sort of breach occurred, but the company had not received a ransom.
Wellsted said that the group had also brought in external cyberexperts to assist.
This week, new Public Works and Infrastructure Minister Dean Macpherson, stated that his department had unearthed a cybercrime-related matter that resulted in a staggering R300 million stolen over the past decade.
Another recent incident was the hack at the Legal Practitioners Fidelity Fund in which an entity with administrative rights by-passed its security protocols, and accessed certain sensitive data.
ICT veteran commentator Adrian Schofield told Business Report yesterday it was no surprise that an international company based in South Africa has become a victim.
Although there were currently minimal details, he postulated that the motivation for the cyberattack could include aspects such as gathering personal data to commit further fraud such as ID theft.
He also did not rule out corporate espionage related to Sibanye-Stillwater’s mining operations, and potentially sensitive information that could potentially be used to manipulate its share price, ransomware with the threat of leaking information should money not be paid over or hackers simply doing it because they can.
“Given the prevalence of cyberattacks across the world, it is not necessarily the case that South Africa is particularly vulnerable,” said Schofield.
“Our networks are world class, and we have highly qualified and experienced executives responsible for ICT operations in our major enterprises. There is no doubt that the basic rules and fundamental technologies are in place to protect these companies and other institutions.”
According to undersea fibre provider Seacom the most common cyberattacks include ransomware attacks, phishing, social engineering attempts, and digitally-enabled fraud.
“The sophistication of attacks has recently increased, with cybercriminals employing AI technologies to plan and execute cyberattacks,” it states on its website.
South Africa saw a 22% increase in cyberattacks last year, according to the South African Banking Risk Information Centre.
The centre, while noting that small companies were the most vulnerable, said enterprises remain a high-value target because of the volume of valuable data that they store and process daily.
Last month, Russian multinational cybersecurity and anti-virus provider Kaspersky uncovered a sophisticated evolution of phishing techniques used by cybercriminals to by-pass two-factor authentication (2FA) – a crucial security measure designed to protect online accounts.
Despite the widespread adoption of 2FA by many websites and its mandatory implementation by numerous organisations, cyberattackers have developed advanced methods, combining phishing with automated OTP bots to deceive users and gain unauthorised access to their accounts.
BUSINESS REPORT