Cyber sleuths to probe Armscor hack
Cape Town - Armscor, the acquisition agency for the Department of Defence, has committed a team of “cyber experts” to forensically analyse the full extent of a breach of its computer systems that hold top secret information about how South Africa acquires its military equipment.
However, top information technology experts have expressed concern over the country’s vulnerability after sensitive information has been leaked that may be accessible to global competitors, or worse, waiting criminals.
The Pretoria-based arms procurement agency was hacked on Monday by well-known hacktivist group, Anonymous.
The group leaked 63 megabytes of secret information it procured to the darknet in the form of HTML files which include invoice numbers, order numbers, invoice amounts - including those of local and international defence companies such as Denel, Thales group and Airbus.
In an exclusive interview with the Hacker.com website, the hacktivists revealed that it has access to 19 938 supplier identifications, names and their plaintex passwords.
Special software and expertise is needed to access the darknet to gain the hidden information, which is often used by criminals to gain such sensitive information for personal gain, corporate espionage, or a political upper hand.
Information technology expert Arthur Goldstuck, who is also the managing director of World Wide Worx and the editor-in-chief of Gadget, said it was not that difficult to access the darknet. “All one would really need is a special browser,” he said.
Armscor spokeswoman, Lulu Mzili, said the arms procurement company is aware of the “data breach” of its website. “A team of cyber experts has been convened to conduct a forensic analysis to determine the full extent of this incident. This is to ensure that tighter measures and interventions are in place to prevent similar attempts from recurring,” she said.
While the investigation is underway, Armscor said that the information accessed by the hacktivist group did not contain sensitive and classified content.
“We are aware of the increase in cyber threats, globally; hence information technology infrastructure renewal is one of Armscor’s strategic focus areas,” said Mzili.
Mzili said that Armscor would like to assure its stakeholders that the matter is receiving its undivided attention.
In the interview with Hacked.com, however, the hacktivists said an in-depth scan revealed customer and trade data including customer identifications, company and trading addresses, customer’s names, transaction dates and received check numbers from the last two years.
The hacktivists also confirmed to the website that although they “liberated” about 104 HTML files, it said that no emails or passwords were leaked and transaction details for high profile defense and aeronautical companies were out of public access.
Goldstuck said the leaked information can be dangerous for the weapons procurement company that depends on secrecy for its ability to operate. “This is probably going to cost Armscor weeks of productivity to tape over the holes. If you have passwords and details of individuals, it is easy to target people on platforms as well. People tend to use the same passwords across the internet. A smart hacker can target individuals which can cause the damage to spread even deeper,” he said.
Goldstuck said the Anonymous hack can have a “snowball effect” which exposes Armscor’s dealings to competitors who would potentially use the information to win deals the procurement company could have won. “There is also no question that arms organisations in other countries will take keen interest in this information, this can prove to be damaging to country as well.”
Unconfirmed reports suggest that the motivations behind the hacktivists attack on Armscor could be linked to its involvement on the controversial multimillion-rand leasing of a new jet for president Jacob Zuma, among other procurement deals.