The South African National Defence Force has dismissed claims that its system was hacked following reports that there was a data breach in the military’s information system.
THE SOUTH African Defence Force (SANDF) has dismissed claims that its system was hacked following reports that there was a data breach in the military’s information system.
The SANDF issued a statement dismissing these claims and suggested that insider information may have leaked from within one of its own departments.
“It can be confirmed that the system of the Department of Defence has not been hacked. This is the work of criminal syndicates within the cyberspace aided through information leaked from the department,” said the statement.
Last week a hacker group by the name of Snatch claimed credit for the breach, saying it had extracted 200 terabytes of data from the defence’s network.
Snatch is named after the iconic Guy Ritchie movie and is a ackronym for “Security Notification Attachment”.
President Cyril Ramaphosa’s phone number is included in the information the group claims it retrieved from the SANDF’s database.
SANDF spokesperson Siphiwe Dlamini said that after a week of investigations they have found that their systems have never been hacked.
South Africans should rest assured that the national defence force’s information systems are secure and various measures have been taken to ensure state and classified information is not compromised, he said.
He said there are continuous investigations to find the perpetrators and bring them to book.
“Preliminary investigations have been conducted by the department in this regard. The Department of Defence has policies in place that prohibit unauthorised access and sharing of classified information,” said Dlamini.
The attackers who claimed responsibility for breaching the South African Department of Defence and exfiltrating data have told news site “MyBroadband” that they still have access to the network, in an interview they did with the site.
Snatch has subsequently told “MyBroadband” that they’ve had access to the defence’s systems for around six months and downloaded 1.6TB of data — the claimed uncompressed size of the archive posted to their website.
“The attack on South Africa has lasted for about half a year, starting as early as the end of 2022,” Snatch said.
“Ministry of Defence officials were categorically unwilling to accept information about penetration into the secure government network.”
Snatch said it made its first calls with warnings that the network is vulnerable in November 2022. They said they contacted the same officials on the list they posted to their website.
