| Hacker let eNatis off lightly - expert
|
| |
| Trade and Industry Correspondent |
| |
| THE ease with which the transport department’s new electronic vehicle registration system, eNatis, was hacked into this week was indicative of a dramatic increase in the number of information technology security breaches in SA, an industry expert said yesterday.
|
| |
| Wolfgang Selzer, who heads the information and communications technology security division at technology consultancy Exponªnt, said the transport department “must count itself lucky that the hacker chose vanity over greed” by wanting to show off rather than damage the system.
|
| |
| He said the hacker, who signed the department’s website with his computer acronym, could have remained anonymous and fraudulently used the data of millions of motorists stored on the system.
|
| |
| The hacker left his or her signature, marking the top of the eNatis website with the words: Hacked by Tao.
|
| |
| Members of the public who visited the website and clicked on the “How Do I” link were also met with a virtually blank page bearing the words: Sorry Bro. |
| |
| Selzer said: “There has been a dramatic increase in the number of security breaches on a daily basis, which shows that the bad guys are stepping up their efforts to penetrate networks.
|
| |
| “Unlike the recent past when the majority of hacking was done for fun, recent attacks against clients of the big four banks, where they were asked to disclose their account numbers and PIN number to fraudulent websites, showed very clearly that profit was the motive and that criminal syndicates were involved.
|
| |
| “These expeditions are estimated to have netted criminal syndicates millions of rands in ill-gotten gains.”
|
| |
| The transport department said yesterday it had launched an investigation into how the eNatis home page was hacked into.
|
| |
| “We are going to find out who did it and be more vigilant,” said departmental spokesman Collen Msibi. He said that the eNatis database was not hacked into, only the section allowing for public comments.
|
| |
| “The South African public can rest assured that the eNatis system is not open to the public and hackers of the website would not get one millimetre closer to the eNatis database by doing this,” the department said.
|
| |
| However, Selzer said the increase in hardware and software solutions, such as firewalls, anti-virus and antispyware that promised “total protection”, had created a false sense of security.
|
| |
| “With the proliferation of information across networks that include a variety of appliances, including cellphones, hand-held computers and memory devices like memory sticks, the risk associated with the unauthorised accessing of data is growing at an exponential rate,” said Selzer.
With Sapa |
| |
