Actu
Expert comment on LockBit’s recent attack on South African Government Agency
March 2024 by Matt Aldridge, Principal Solutions Consultant, Opentext Cybersecurity
After the LockBit ransomware group’s attack on the Government Employees Pension Fund (GEPF). For background, GEPF said the Government Pensions Administration Agency (GPAA) subsequently established LockBit holds its victims’ data to ransom. Matt Aldridge, Principal Solutions Consultant, Opentext Cybersecurity says,
“It is unsurprising to see yet another government organisation has fallen prey to ransomware attacks. It is fair to assume that the GPAA was targeted by these nefarious cyber criminals due to the fact they manage sensitive financial and personal data, which demonstrates the importance of robust cybersecurity measures,
This breach was initially undetected by GPAA, indicating the weakness of public infrastructure as well as their security capabilities. This delay enabled threat actors to compromise systems and illegally access consumer data, which could have serious consequences for those who rely solely on pensions.
At this stage, it looks like the right steps have been taken to ensure data safety following the incident by securing the compromised servers. However, the incident raises concerns about the overall security posture and resilience of the organisation’s systems .
Businesses need to be aware of the ever-growing number of vulnerabilities and the type of cybersecurity threats being leveraged at any given time. We recommend all high-risk organisations have multi-layered security strategies in place to maintain trust and protect reputations, and it’s crucial that cybersecurity budgets remain a top priority as cybercriminals continue to increase their resources. Data protection should be front and centre and integrated into every aspect of any robust cyber resilience strategy, as opposed to simply being viewed as a box-ticking exercise.”
