Subscribe
About

Govt cyber security hub is danger zone

Simnikiwe Mzekandaba
By Simnikiwe Mzekandaba, IT in government editor
Johannesburg, 02 Nov 2015
DTPS minister Siyabonga Cwele has called on stakeholders to subscribe to the hub and report incidents of cyber threats.
DTPS minister Siyabonga Cwele has called on stakeholders to subscribe to the hub and report incidents of cyber threats.

While government has made good on minister Siyabonga Cwele's promise to establish a "cyber security hub", the site is itself a security risk.

Clicking through to the public site today results in this or similar messages: "The security certificate presented by this Web site was issued for a different Web site's address. Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server. We recommend that you close this Web page and do not continue to this Web site."

The department insists all is fine with the site when it accesses it internally. However, ITWeb as well as several analysts were unable to access the site, receiving the security alert on desktops and mobile.

Hub ambitions

The Department of Telecommunications and Postal Services (DTPS) finally launched the National Cybersecurity Hub of South Africa on Friday.

The hub is derived from government's 2012 Cybersecurity Policy Framework, and aims to be a central point for collaboration between industry, government and civil society on all cyber security-related incidents in the country.

According to the DTPS, the information gathered by the hub will be used to monitor cyber attacks and provide warnings to stakeholders of emerging threats, serve as an information centre for solutions on how to deal with threats, and enable stakeholders to get updates on global risks for pre-emptive measures to strengthen their systems against cyber attacks.

"Cyber attacks are real. No single individual or company may afford to singlehandedly defend him or herself against hackers and havoc-wreakers," said Cwele.

Public access

The security hub aims to ensure collaboration between businesses and create a platform for partnership between government and the private sector on cyber security; as well as assist members of the public to receive tips on the safe use of the Internet.

According to the DTPS, the security hub will become a point of reference for citizens, providing a repository of information regarding protecting children online, a best practice guide for parenting on the Internet, and how the average South African can prevent malicious attacks and identity theft, and ensure online financial security.

This is what users will see when trying to access government's National Cybersecurity Hub.
This is what users will see when trying to access government's National Cybersecurity Hub.

However, the site launched for the public as well as for parents to share information on how to manage their children's safety online either was not working at the time of publication or returned a security warning.

Craig Rosewarne, MD of Wolfpack Information Risk, says it is unfortunate the site launched for the public to use to get information and report incidents is not yet ready.

"The biggest issue is that when people visit the site they will get a warning from their browsers (Internet Explorer, Firefox, Chrome) that the connection is not secure. This does not inspire confidence in the site/hub at all."

Rosewarne adds: "The technical issue or misconfiguration causing this can be easily addressed. Additionally, reporting incidents via e-mail is not the best approach to take."

Long time coming

"The launch of the cyber security hub is definitely a step in the right direction and is really needed in South Africa. We far too often see people and companies falling victim to similar or the same threats," says Rosewarne.

"Having a structure in place where people or companies can report threats and receive threat warnings is great. In particular, it will provide South Africans with perspective as to what is happening locally as opposed to relying on international feeds only," he notes.

Jason Jordaan, principal forensic scientist at DFIRLabs, says there has been lots of talk about the cyber security hub over the past two years, but it's a good sign to see it finally launched.

"Lots of developed countries have similar hubs and now South Africa is following in line."

Jordaan also notes it's still early days, but the hope is that this hub will do a lot in raising cyber security awareness.

Erratic cyber culture

According to Dominic White, CTO of SensePost, South Africa's cyber security culture is much like the economy, and varies dramatically across different sectors.

"Financial services have long invested in security, and invested well, and show it. Other areas such as government are lagging. And much like the rest of the world, our SMEs are way behind," he explains.

"They [government] have got a long way to go to build the support structures they need in the form of the sector Computer Security Incident Response Teams in each industry, as well as establishing the right skills and building legitimacy, not to mention the technical tools required to be effective. It takes a long time to build the connections and trust to actually coordinate a response in the face of an emergency. If they start small, and live up to those expectations, it will go a long way in building that trust," he says.

Stepping up

According to Rosewarne, the hub shows government realises cyber threats need to be addressed in South Africa and that this can only be achieved through collaboration between all the different stakeholders.

"The initiative is great. I'm sure there will be initial 'teething' stages, which will be overcome with time," he notes.

Jordaan says government needs to employ the right people, with relevant expertise, and integrate with other organisations to ensure the cyber security hub is effective.

"It [the cyber security hub] does two good things; the first is that it gives someone in government outside the military, intelligence and police services a face for cyber security. Something we've long needed. The second is that it provides a collaboration point between industry and government on these matters," says White.

Share