Sunday, December 14, 2008

SA government hacked

By Graeme Hosken

A syndicate of Internet thieves has stolen more than R400-million from government departments, including the Presidency.

Two computer identity-theft hackers, believed to be the masterminds of the cyber gang, were nabbed by the police this week.

These follow the earlier arrests of 13 people involved in stealing millions of rands from government departments and employees across the country.

The syndicate allegedly hacked into computer systems linked to the Presidency using specialised spy software (spyware) programs.

The Internet-based syndicate, which had operatives in banks and government departments, is alleged to be behind the theft of R400-million from bank accounts of the departments of Home Affairs and Public Works, the licensing department, several parastatals and financial institutions, as well as from staff working in the various organisations over the past two years.

The syndicate, the members of which have been arrested over the past month, was bust during an operation conducted by the South African Police Service's Covert Intelligence Collective Directorate and the Commercial Crime Unit.

The operation, dubbed Operation Swift, had detectives and undercover agents raiding houses in Tshwane and North West. The latest arrests were made in Centurion and Ramokokastad, North West.

The arrests bring an end to what has been described as the country's biggest cyber attack on government organisations.

The theft, say police, allegedly took place through fraudulent electronic funds transfers (EFTs) from the various institutes and its staff members' accounts since 2006, and saw the syndicate, which comprises small business owners and IT specialists employed in both the government and the private sector, siphoning off money to fictitious bank accounts.

Police spokesperson Senior Superintendent Tummi Golding said the latest arrests followed information received from undercover operatives.

She said the information showed that since 2006 the suspects had allegedly stolen more than R5-million from the Office of the Presidency's budget.

"One of the suspects was arrested in Centurion in a townhouse he rents and the second was arrested at his home in the North West town of Ramokokastad," she said.

Golding said the men, aged 40 and 36, would appear in the Pretoria Magistrate's Court soon on charges of fraud.

Golding said that during the arrests, police seized a Mercedes-Benz SLK and a Harley-Davidson motorbike, which had allegedly been bought with fraudulent documents.

She said that in other raids conducted as part of the operation, police raided several houses in Soshanguve, where they arrested five people and seized two laptop computers, two printing machines, a laminating machine and documents used to commit the alleged fraud.

Explaining how the syndicate operated, Golding said the group operated by infiltrating targeted departments and institutions and installing spyware on their IT systems.

"The spyware was used to collect the user names and passwords of users of the government salary systems.

"Once this information is compromised, it is used to effect fraudulent EFTs into bank accounts opened by runners using fraudulent documents.

"In some cases, government officials within IT departments used remote access software available on the commercial market to gain unauthorised access and modify the banking details of registered suppliers," she explained.

Golding said the syndicate also targeted bank officials for recruitment and facilitation of fraudulent transactions.

"These bank officials load stop orders from bank accounts of government departments using compromised user names and passwords of other bank employees.

"The funds are transferred into fraudulently opened bank accounts using the details of registered business entities.

"As well as this, the syndicate, in collaboration with government officials, used compromised log-on details of other users to create ghost workers on the Persal system and pay the salaries of these nonexistent employees into fraudulent bank accounts," she said.

Source: The Star Newspaper - Front Page - December 13, 2008


Latest 5 Featured Posts:

Operation Vula, its Secret Safari, and Zuma’s band of comrades - Dec. 2013
During 1986 the ANC launched an underground operation called Operation Vula. A lesser-known fact is that it continued to operate after Nelson Mandela's release in February 1990, and for three years after his speech in August 1990 when he reiterated the total commitment of the ANC, Umkhonto we Sizwe and the SACP to the Groote Schuur Minute.

Heritage Day Photographs (Voortrekker Monument) - Sept. 2013
This posting includes a few photographs taken on Heritage Day 2013. The posting introduces an unusual but beautiful new structure called QUO VADIS? (with the question mark) which I’m sure many readers have never heard of.

The Yellow-Bucket Marula Tree: A Mystery Solved! - Oct. 2013
I came across a rather strange phenomenon one day while travelling along the R561 route between Tolwe and Baltimore in the Limpopo province of South Africa. A small yellow bucket was attached high-up in a branch of a Marula tree, hence the name of this posting. It’s a real funny story which I’m sure most readers will enjoy - as much as I enjoyed compiling the article  - (with illustrations).

Pretoria’s Monument for Victims of Terrorism - July 2013
Many people (including myself) had almost forgotten about a noteworthy monument in Pretoria that stood at the entrance of the old Munitoria building on the corner of Van der Walt and Vermeulen Streets (now renamed Lilian Ngoyi and Madiba Streets). When the Munitoria building was demolished on 7 July 2013 nobody could tell me whether the monument was still standing or not, so I decided to go look for myself.

Remembering The Battle of Delville Wood - July 2013
14 July marks a day when the South African 1st Infantry Brigade got engaged in the 1916 (WW1) Battle of the Somme, in France. The battle was one of the largest of World War I, in which more than a million men were wounded or killed, making it one of humanity's bloodiest battles. One specific encounter during this battle, known as The Battle of Delville Wood, is of particular importance to South Africa. The posting includes a comprehensive article (with pictures) compiled and written by Petros Kondos.

African Countries (Alphabetical list):
(The links will redirect to the page dealing with the specific country.)