Department of Justice fails to renew IT contracts — gets hacked
The Department of Justice allowed its IT contracts to lapse last year, forcing internal officials to assist with troubleshooting and reporting from August 2021.
A month after internal officials took over these functions, the department was the victim of a ransomware attack.
According to justice minister Ronald Lamola, the previous service provider’s contracts were not timeously renewed due to strain in the department’s Information Systems Management, Supply Chain Management, and Contract Management units.
“The Department operated without the Head of ISM, Chief Financial Officer (CFO), Chief Director: SCM and Director: SCM for a while,” he explained.
“However, such capacity constraints are now being addressed.”
Lamola provided insight into the backlog that had accumulated due to the lapsed contract.
“As at 1 February 2022, there were 700 backlog calls of which the appointed service provider has already started to deal with the backlog, so far the provider has managed to resolve 90 calls, and the process is ongoing,” he said.
The ransomware attack that targeted the Department of Justice occurred in September 2021 and disrupted all of the department’s electronic services, including bail services, letters of authority, email, and website.
The department issued a statement later that same week confirming the attack.
“Our IT teams are working tirelessly to restore services as soon as is practically possible,” the department said.
To continue its operations, the department shifted to manual processes.
The Department of Justice’s director-general advocate, Doctor Mashabane, said that at least 1,200 files might have been compromised. It was later revealed that the department had no idea whether any data was stolen.
“The Department cannot tell with certainty as to what happened to the compromised information,” Lamola said in response to another set of parliamentary questions.
“As at 1 December 2021, the analysis and/or forensic investigation is still inconclusive in terms of the exact nature of the information that was sent outside of the Department as part of the breach.”
Lamola added that the department would inform South Africa’s Information Regulator when the information becomes available.
The department has now appointed a service provider on a temporary 12-month contract to maintain and support its Court Recording Technology (CRT) and Sexual Offences System (SOS) networks.
Lamola explained that the department is awaiting the finalisation of a long-term solution, and the service provider was awarded the temporary contract in the interim.
“The appointed service provider is responsible for supporting both Court Recording Technology (CRT) and Sexual Offences System (SOS) across the country,” he wrote in response to parliamentary questions.
“At the same time, the Department has embarked on a process for procuring an overarching contract for a period of three (3) years.”
He expected the contract to be published by the end of February 2022.
The previous service provider’s contract lapsed on 21 April 2021, and Lamola explained that interim measures were put in place to ensure continuity.
“These interim measures relate to providing support and maintenance as part of an existing contract that is providing regional support service,” he said.
“In terms of this arrangement, the service provider was appointed to perform the maintenance and support services for Court Recording Technology (CRT) and SOS between June 2021 and August 2021, on a project basis.”
According to Lamola, from August 2021 onwards, internal officials assisted with troubleshooting and reporting on a case by case basis.