Cybersecurity researcher finds that hundreds of SITA-backed websites are vulnerable to cyberattacks

mylesillidge · Sunday at 4:59 PM

South African government leaving doors wide open to cybercriminals

Hundreds of South African government websites are wide open to cyberattacks thanks to years of poor maintenance and disregard, a cybersecurity researcher has claimed.

Despite this, the State Information Technology Agency (SITA), which is responsible for a large portion of the government's ICT infrastructure, previously said that its systems were secure.

My_King · Sunday at 5:02 PM

Nooo reallllyyyy???

Jam Sandwich · Sunday at 5:18 PM

Bazillion Rand tender to fix will put that right...

Solitude · Sunday at 9:02 PM

Shame man. They are doing their best.

My_King · Sunday at 9:22 PM

Solitude said:
Shame man. They are doing their best.

I would feel for them, but as a person who has to adhere to their "rules", to hell with them.

Pegging · Sunday at 9:25 PM

Decolonization in progress….

SkillBeatsAll · Sunday at 9:33 PM

Hey, Joel here —
Sucks to see SITA immediately shift blame to “many departments”, when even SITA themselves are vulnerable.

They’re running Drupal 7, and many of their servers have vulnerabilities - the same servers that host SITA content.

This after they told us “There is a monthly vulnerability scanning process for all the SITA-hosted websites”

Randomwasavailable · Sunday at 9:34 PM

Jam Sandwich said:
Bazillion Rand tender to fix will put that right...

That's what I was thinking too. Unfortunately, they won't give it to Cedras, but to cadres.

SkillBeatsAll · Sunday at 9:36 PM

Some fun stats from the original articles on GroundUp:

SITA has 904 unique CVEs on its ASN; In total, just over 5000 non unique.

Non-SITA govt hosts have 725 unique, but just over 4400 non unique (despite being half the size of the SITA network). There are also more critical CVEs off SITA’s network than on, but that’s not an advertisement to use them!

Randomwasavailable · Sunday at 9:37 PM

Pegging said:
Decolonization in progress….

They have LDS or PDS, logic or pragmatic derangement syndrome.
The things they do, you'd swear it's parody, but, unfortunately, it's not.

Randomwasavailable · Sunday at 9:40 PM

SkillBeatsAll said:
Hey, Joel here —
Sucks to see SITA immediately shift blame to “many departments”, when even SITA themselves are vulnerable.

They’re running Drupal 7, and many of their servers have vulnerabilities - the same servers that host SITA content.

This after they told us “There is a monthly vulnerability scanning process for all the SITA-hosted websites”

They're just quoting some dusty policy, or they Googled what they should be doing and that's from page 1.

r00igev@@r · Monday at 7:32 AM

Where are all those fancy pants vendors they appoint via tenders?

W@P · Monday at 7:50 AM

Bad Ballie · Monday at 7:55 AM

Get away with your colonial ways here, maintenance and security are not something the government does, if something breaks after years of neglect, they just continue without it... unless it offers a chance for looting, in which case they give it a crutch and charge the taxpayer for a top-of-the-line motorized wheelchair.

FiestaST · Monday at 4:16 PM

https://twitter.com/x/status/2066373481365688582

Join the MyBroadband community

Get started

Cybersecurity researcher finds that hundreds of SITA-backed websites are vulnerable to cyberattacks

mylesillidge

Journalist

My_King

Honorary Master

Jam Sandwich

Honorary Master

Solitude

Executive Member

My_King

Honorary Master

Pegging

Honorary Master

SkillBeatsAll

Well-Known Member

Randomwasavailable

Senior Member

SkillBeatsAll

Well-Known Member

Randomwasavailable

Senior Member

Randomwasavailable

Senior Member

r00igev@@r

Honorary Master

W@P

Honorary Master

Bad Ballie

Expert Member

FiestaST

Honorary Master