Transnet hack could lead to national shutdown of IT infrastructure, warns DA

He said it is becoming increasingly clear that the crippling cyberattack on Transnet’s IT infrastructure was an act of sabotage potentially carried out by the perpetrators of the insurrection.
Nah. Burning and looting and stone throwing and singing and dancing is about as advanced as we in ZA can go.
 
South Africa faces national shutdown of IT infrastructure, warns DA

DA shadow minister of public enterprises Ghaleb Cachalia has warned that South Africa could face a national shutdown on its Information Technology (IT) infrastructure following the Transnet hack.

Last week, Transnet suffered a cyberattack which caused disruptions on its IT applications and brought some of its operations to a halt.
Dumb hackers - there's fkkl left to steal at Transnet

If you ask me, it's likely a tenderpreneur hoping for a juicy new IT services contract

PS: In keeping with my Internet bona fides I didn't bother to read the article and am only responding to the headline.
 
I'm convinced it's all because some numbnut at Transnet clicked on some random 'document.pdf.exe' from some random Nigerian scammer calling him 'my dear lovely friend'.
 
I'm convinced it's all because some numbnut at Transnet clicked on some random 'document.pdf.exe' from some random Nigerian scammer calling him 'my dear lovely friend'.
That would be amazing actually! I mean, wouldn't put it past them. Would love to know what the infra looks like… (hope it’s not Windows)
 
I can't help but wonder if something else happened and they are pulling a "third force" move here to distract from failure....

Nah, it's regular ransomware. Where it originally came from is a better question. It's a corp close to Transnet that needs to interface with them and their systems regularly - this includes SAMSA and the Port Authority in Cape Town.

Everything that Transnet uses is down. All computers. All backup locations. All websites. All APIs that others interface with. Email, VDI, calendaring. All down.

I'm convinced it's all because some numbnut at Transnet clicked on some random 'document.pdf.exe' from some random Nigerian scammer calling him 'my dear lovely friend'.

Actually this past month has been exceedingly tiring for IT techs. Heck, this whole year is a cluster**** of malware, bad security practice, and attacks on MSP tools to widen the net.

Transnet could have been infected by any number of vectors. This includes remote desktop vulnerabilities, PrintNightmare, lingering SMBv1 shares on old machines, Linux kernel attacks, Kaseya ransomware (which is likely), the list goes on.

The Kaseya link is a possibility because Sage uses Kaseya for pretty much everything on their corporate network, and Sage offers MSP-like services, for their products, to customers including Transnet.
 
Actually this past month has been exceedingly tiring for IT techs. Heck, this whole year is a cluster**** of malware, bad security practice, and attacks on MSP tools to widen the net.
Exactly! Honestly, the biggest thing is also the majority of the companies took a hit with Covid and had to move to an "online" focused world. With it of course, comes a ton of drawbacks and I have seen more infected work from home laptops in the past year than I thought possible.

That and companies think just getting an Avast, Norton or some basic anti-virus will solve their issues. Without actually spending money on proper VPS servers and security onto their networks and systems.
 
That would be amazing actually! I mean, wouldn't put it past them. Would love to know what the infra looks like… (hope it’s not Windows)

I don't really believe Windows 10 or Server 2016/19 is a major concern if you've got all the right measures in place surely? Or am I missing something?

Sure if they're still on Windows 7 or XP and/or Server 2008/2003 etc., well then we might have a problem :D

Threat Protection on Email.
Common-sense network Security practices.
Decent Anti-malware/Anti-ransomware.
Endpoint encryption.
MFA.
Backups!

Those go a long way AFAIK before Windows is a concern.

Even the Kaseya thing was stopped by something as simple as Sophos, they even demo'd how their years old version still detects and stops it. Just for a bit of useless info :)
 
It was probably a MikroTik router not locked down or something. God I've seen those things get hacked so many times :p And they're everywhere.
 
Exactly! Honestly, the biggest thing is also the majority of the companies took a hit with Covid and had to move to an "online" focused world. With it of course, comes a ton of drawbacks and I have seen more infected work from home laptops in the past year than I thought possible.

That and companies think just getting an Avast, Norton or some basic anti-virus will solve their issues. Without actually spending money on proper VPS servers and security onto their networks and systems.
ID10T errors..... no AV helps for those.
 
The DA love their sensationalist headlines. Like no other country's IT infrastructure has been hacked or ransomed...

Pretty much what I was thinking.. next we will see people on here claiming they can’t wait for it all to go up in smoke.. “burn it down, burn it down!!”

Well, till, that is, they realize the financial implication of such things.. just another day in SA. Some try to improve things despite all the crap coming, others at times cheer for it to fall apart and then will be the first to cry & bitch about it.
 
Fear not
The voters are busy decolonizing this country 1 day at a time
Soon we will not need IT anymore

Back to the stone age :thumbsup:
Who is going to be my messenger?
I already have queue guy, car watch guy, trolley guy, delivery guy, petrol guy, business associate (BEE) guy, etc.
 