It also claimed to have breached the website of the Ephraim Mogale Local Municipality in Limpopo, and threatened to leak information from both organisations.<\/p>\n\n\n\n
At the time, Nullsec Nigeria said it attacked the two government institutions due to rising incidents of xenophobic attacks on Nigerians in South Africa.<\/p>\n\n\n\n
“They call themselves correctional services, but they can’t correct the citizens. What a shame,” the group said in its Telegram channel.<\/p>\n\n\n\n
“They killed a lot of Nigerians while the so-called correctional services watched and the ministry of justice.”<\/p>\n\n\n\n
Reports indicated that the attacks could be part of a wider campaign against South African organisations driven by African threat actor groups with political motivations called #OpSouthAfrica.<\/p>\n\n\n\n
Lee said the real story was that South Africa is the continent’s cybersecurity leader in terms of market maturity, yet organisations still struggled to protect themselves adequately.<\/p>\n\n\n\n
He said that the weaponisation of technology was accelerating globally, driven by generative AI, and South Africa is not exempt from this dynamic.<\/p>\n\n\n\n
“When attack capability is scaling, and defensive posture has not kept pace, the exposure is real.”<\/p>\n\n\n\n
“The broader message for government is that going digital and securing that digital environment are not separate workstreams. They need to move together,” he said.<\/p>\n\n\n\n
Lack of cybersecurity skills and cyber hygiene<\/h2>\n\n\n\n![\"\"](\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2026\/05\/Palo-Alto-Cyberattacks-Justin-Lee-1-1200x675.jpg\")
<\/figure>\n\n\n\nLee explained that threat actors were using the latest technology to accelerate their attacks, but South African public organisations lacked the right talent and protocols to address this threat.<\/p>\n\n\n\n
“The recent activity around #OpSouthAfrica should be treated as a resilience warning, not just a hacktivist headline,” he said.<\/p>\n\n\n\n
“Public sector institutions across health, municipal, regulatory and critical services have all faced disruptive cyber activity in recent periods, and the pattern is not going away.”<\/p>\n\n\n\n
A significant problem lay in how government organisations built their cybersecurity around detection and response capabilities, which was no longer enough to stop AI-powered hackers.<\/p>\n\n\n\n
He cited a 2026 report showing that the time between a network intrusion and data theft dropped to around 72 minutes globally, down from 285 minutes only two years ago.<\/p>\n\n\n\n
“That window is dangerously narrow,” he said.<\/p>\n\n\n\n
“What is needed is rigorous cyber hygiene at scale, stronger identity controls, faster detection and containment, tested recovery processes and better coordination across government entities.”<\/p>\n\n\n\n
However, these improvements were predicated on the right market conditions, and South Africa still suffered from a dearth of skills in cybersecurity.<\/p>\n\n\n\n
“The pipeline of cyber skills is simply not keeping pace with demand, and that is something the whole industry is grappling with,” said Lee.<\/p>\n\n\n\n
Cybersecurity teams in South Africa were already running lean, and new skills were rare to find. Lee said that meant companies needed security that worked with fewer people and less complexity.<\/p>\n\n\n\n
Lee called the lack of cybersecurity skills in South Africa the most significant headwind for Palo Alto itself in the local market, especially as it looks to grow its business.<\/p>\n\n\n\n
“Finding the right talent to support our own expansion is one dimension, but it also shapes how our customers engage with what we offer.”<\/p>\n\n\n\n
“Organisations want to consolidate and modernise, but they do not always have the internal capacity to drive those programmes or get full value from the platforms they invest in,” he said.<\/p>\n\n\n\n
Palo Alto saw it as a challenge across the region, and South Africa was no exception. The lack of skills was another vulnerability that threat actors could exploit.<\/p>\n","protected":false},"excerpt":{"rendered":"
Hacktivists who claimed to breach government entities in South Africa distract from the real problem: a systemic lack of defensive capabilities.<\/p>\n","protected":false},"author":341213,"featured_media":650616,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[105377,15227,105291,103907,105290,35318],"class_list":["post-648950","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-opsouthafrica","tag-cybersecurity","tag-ephraim-mogale-local-municipality","tag-justin-lee","tag-nullsec-nigeria","tag-palo-alto-networks"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/648950"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/341213"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=648950"}],"version-history":[{"count":6,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/648950\/revisions"}],"predecessor-version":[{"id":650617,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/648950\/revisions\/650617"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/650616"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=648950"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=648950"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=648950"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
<\/figure>\n\n\n\nLee explained that threat actors were using the latest technology to accelerate their attacks, but South African public organisations lacked the right talent and protocols to address this threat.<\/p>\n\n\n\n
“The recent activity around #OpSouthAfrica should be treated as a resilience warning, not just a hacktivist headline,” he said.<\/p>\n\n\n\n
“Public sector institutions across health, municipal, regulatory and critical services have all faced disruptive cyber activity in recent periods, and the pattern is not going away.”<\/p>\n\n\n\n
A significant problem lay in how government organisations built their cybersecurity around detection and response capabilities, which was no longer enough to stop AI-powered hackers.<\/p>\n\n\n\n
He cited a 2026 report showing that the time between a network intrusion and data theft dropped to around 72 minutes globally, down from 285 minutes only two years ago.<\/p>\n\n\n\n
“That window is dangerously narrow,” he said.<\/p>\n\n\n\n
“What is needed is rigorous cyber hygiene at scale, stronger identity controls, faster detection and containment, tested recovery processes and better coordination across government entities.”<\/p>\n\n\n\n
However, these improvements were predicated on the right market conditions, and South Africa still suffered from a dearth of skills in cybersecurity.<\/p>\n\n\n\n
“The pipeline of cyber skills is simply not keeping pace with demand, and that is something the whole industry is grappling with,” said Lee.<\/p>\n\n\n\n
Cybersecurity teams in South Africa were already running lean, and new skills were rare to find. Lee said that meant companies needed security that worked with fewer people and less complexity.<\/p>\n\n\n\n
Lee called the lack of cybersecurity skills in South Africa the most significant headwind for Palo Alto itself in the local market, especially as it looks to grow its business.<\/p>\n\n\n\n
“Finding the right talent to support our own expansion is one dimension, but it also shapes how our customers engage with what we offer.”<\/p>\n\n\n\n
“Organisations want to consolidate and modernise, but they do not always have the internal capacity to drive those programmes or get full value from the platforms they invest in,” he said.<\/p>\n\n\n\n
Palo Alto saw it as a challenge across the region, and South Africa was no exception. The lack of skills was another vulnerability that threat actors could exploit.<\/p>\n","protected":false},"excerpt":{"rendered":"
Hacktivists who claimed to breach government entities in South Africa distract from the real problem: a systemic lack of defensive capabilities.<\/p>\n","protected":false},"author":341213,"featured_media":650616,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[105377,15227,105291,103907,105290,35318],"class_list":["post-648950","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-opsouthafrica","tag-cybersecurity","tag-ephraim-mogale-local-municipality","tag-justin-lee","tag-nullsec-nigeria","tag-palo-alto-networks"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/648950"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/341213"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=648950"}],"version-history":[{"count":6,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/648950\/revisions"}],"predecessor-version":[{"id":650617,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/648950\/revisions\/650617"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/650616"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=648950"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=648950"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=648950"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}