More South African entities hit by major security breach
Several entities in South Africa have been compromised by hackers who exploited a security vulnerability in Microsoft’s SharePoint servers, according to Eye Security, the cybersecurity company that identified an early wave of attacks last week.
Hackers breached about 400 government agencies, corporations and other groups around the world, although the number could be a lot higher, the Dutch company said.
Most of the victims are in the US, followed by Mauritius, Jordan, South Africa and the Netherlands, it added.
“We never name individual victims, but can share that in South Africa we’ve seen an organization in the car-manufacturing industry, a university, several local-government entities and a federal government entity,” Eye Security co-owner Vaisha Bernard said by text message.
Two more unidentified organizations have also been hit, and details of the attack have been shared with the nation’s Computer Security Incident Response team, he said.
South Africa’s National Treasury on Wednesday said it’s seeking help from Microsoft after identifying malware on its network. The bug was detected on its Infrastructure Reporting Model website, according to a statement.
“Despite these events, NT’s systems and websites continue to operate normally without any disruption,” it said.
A spokeswoman for the South African Reserve Bank, responding to a Bloomberg question, separately said that there has been no breach of any of the SARB’s systems.
SharePoint is popular with South African institutions and companies who use it to store and collaborate on documents, as well as hosting the software on-premises to provide them with control of the systems and an additional layer of security.
Microsoft has said that attackers are specifically targeting clients running SharePoint servers from their own on-premise networks, as opposed to being hosted and managed by the tech firm.
Microsoft did not immediately respond to request for comment.
Loading ...