Latest news with #InfrastructureReportingModel
Business Insider
24-07-2025
- Business
- Business Insider
Microsoft server hack hits South African treasury, companies, and university
Several organisations in South Africa have fallen victim to a global cyberattack that exploited a vulnerability in Microsoft Corp.'s SharePoint servers. A global cyberattack has targeted Microsoft SharePoint server vulnerabilities, affecting 400 entities worldwide. Victims of the attack include government agencies, corporations, and educational institutions, with some cases reported in South Africa. South Africa's National Treasury detected malware in its infrastructure but confirmed no system disruptions. The Dutch company, which detected the initial wave of breaches last week, said hackers have compromised around 400 entities worldwide, including government agencies, corporations, and other institutions. The actual number of affected organisations may be significantly higher. While the United States accounted for the majority of the breaches, Mauritius, Jordan, South Africa, and the Netherlands also reported a notable number of victims, Bloomberg reported. 'We never name individual victims, but can share that in South Africa we've seen an organisation in the car-manufacturing industry, a university, several local-government entities and a federal government entity,' Eye Security co-owner Vaisha Bernard said. He added that two additional, unnamed organisations have also been compromised. Details of the attack have been shared with South Africa's Computer Security Incident Response Team (CSIRT) for further investigation. Treasury confirms malware infection South Africa's National Treasury has confirmed that it is working with Microsoft Corp. after detecting malware on one of its systems. The infection was found on its Infrastructure Reporting Model website, the Treasury said in a statement. The incident comes amid a broader wave of cyberattacks exploiting vulnerabilities in Microsoft's SharePoint servers. The platform is widely used in South Africa by both public and private institutions for document collaboration and storage. Many organisations host SharePoint on-premises to maintain control and add layers of security, ironically, the very setup now being targeted by attackers.
IOL News
24-07-2025
- Business
- IOL News
National Treasury confirms malware on infrastructure reporting platform
National Treasury has confirmed that it has "identified malware on its Infrastructure Reporting Model website National Treasury has confirmed that it has "identified malware on its Infrastructure Reporting Model website, the online infrastructure reporting and monitoring system". In a statement issued to the media late on Wednesday, the Treasury announced that it has isolated the IRM servers to assess the extent of the compromise and to ensure the security of its systems. "Considering recent media reports since Sunday regarding security incidents affecting Microsoft platforms in the USA, NT has requested Microsoft's assistance in identifying and addressing any potential vulnerabilities within its Information and Communication Technology ICT) environment,". the Treasury said.
The Citizen
24-07-2025
- Business
- The Citizen
SA's Treasury discovers malware as hackers exploit Microsoft flaw
Hackers reportedly breached hundreds of government agencies and companies around the world by exploiting a vulnerability in Microsoft's SharePoint server software. Most of the victims are in the US, followed by Mauritius, Jordan, South Africa and the Netherlands. Picture: iStock As South Africa continues to be a target of cybercriminals, ranking 27th globally among the most breached countries, the National Treasury (NT) has confirmed that it found malware on its Infrastructure Reporting Model website, an online infrastructure reporting and monitoring system. Treasury stated the issue was related to the recent attacks on SharePoint, a widely used web-based platform developed by Microsoft for collaboration and document management. Government agencies Hackers reportedly breached hundreds of government agencies and companies worldwide by exploiting a vulnerability in Microsoft's SharePoint server software. Most of the victims are in the US, followed by Mauritius, Jordan, South Africa and the Netherlands. ALSO READ: South Africa remains a global hotspot for data breaches The National Nuclear Security Administration, the US agency responsible for maintaining and designing the nation's cache of nuclear weapons, was among those breached, Bloomberg reported earlier. SA Treasury Microsoft issued patches for two versions of the software, noting that one, SharePoint 2016, remains vulnerable to attacks. 'Considering recent media reports since Sunday regarding security incidents affecting Microsoft platforms in the USA, NT has requested Microsoft's assistance in identifying and addressing any potential vulnerabilities within its Information and Communication Technology (ICT) environment,' Treasury said. Malicious activities Treasury said it processes over 200 000 emails each day and facilitates more than 400 000 user connections through its websites daily. 'On average, the NT ICT team successfully detects and blocks approximately 5 800 security threats directed at NT systems every day, showcasing the department's commitment to maintaining a secure digital environment. ALSO READ: Data breaches cost SA organisations over R360m in 3 years 'These threats encompass a range of malicious activities, including phishing attempts, malware infections, and spam attacks,' Treasury said. Treasury added that despite these events, its systems and websites continue to operate normally without any disruption. 'China blamed' The newly discovered security flaws in SharePoint enable hackers to access SharePoint servers and steal keys that can allow them to impersonate users or services, potentially granting deep access to compromised networks and enabling the theft of confidential data. Microsoft accused Chinese state-sponsored hackers known as Linen Typhoon and Violet Typhoon of being behind the attacks on Tuesday. Another hacking group based in China, which Microsoft refers to as Storm-2603, also exploited them, according to the company. The hacks are among the latest major breaches that Microsoft has attributed, at least in part, to China, and they come amid heightened tensions between Washington and Beijing over global security and trade. The US has repeatedly accused China of campaigns that have allegedly stolen government and corporate secrets over a period spanning decades. ALSO READ: Microsoft working on global outages, Capitec says banking services restored
IOL News
30-06-2025
- Politics
- IOL News
Gwarube reveals plans to tackle Eastern Cape infrastructure crisis
Basic Education Minister Siviwe Gwarube says her department was taking measures to address weaknesses identified that caused infrastructure crisis in the Eastern Cape. Image: Supplied BASIC Education Minister Siviwe Gwarube says the mismanagement was not the only factor responsible for the overall infrastructure crisis in Eastern Cape schools. She cited persistent backlogs inherited from the pre-1994 era, ongoing budget constraints and competing service delivery priorities, contractor underperformance and project implementation delays, adverse weather conditions affecting construction timelines, and disruptions by local business forums and community protests at school sites. She disclosed this when responding to MK Party MP Nompumelelo Gasa, who noted with concern that the Cape's schools remained the worst in the country regarding billions of rand allocated to schools. Gasa asked Gwarube whether, in an effort to uncover whether corruption or incompetence was to blame, her department will commission an independent forensic audit of all infrastructure grants and Equitable Share spending there. Gwarube dismissed calls for an independent forensic audit, saying her department was taking measures to address weaknesses that caused an infrastructure crisis in the province. 'There are currently no plans by the Department of Basic Education (DBE) to commission an independent forensic audit of the Education Infrastructure Grant (EIG) or Equitable Share spending in the Eastern Cape for the period since 1 January 2019. 'However, the DBE maintains infrastructure planning and performance information through the Infrastructure Reporting Model and the Education Facilities Management System (EFMS),' she said. Gwarube said the systems contained annual allocations and expenditure performance per infrastructure funding stream, a record of contractors awarded infrastructure projects, and estimated and actual completion rates, including, where applicable, reasons for delays and underperformance. 'This information is available to relevant oversight bodies upon request and is used routinely by the DBE to monitor progress and flag systemic issues.' She said her department was rolling out a sector-wide 10-point infrastructure strategy designed to accelerate infrastructure delivery and strengthen accountability. "As part of efforts to improve service delivery and financial management at a provincial level, the Minister of Basic Education recently requested all MECs and heads of provincial Education Departments to submit urgent written feedback on service delivery failures and personnel irregularities across provinces.' She also said she has launched a coordinated response to restore financial discipline and protect core education services. The national department wants all provinces to submit credible financial recovery plans ahead of the Council of Education Ministers meeting scheduled for July 21.
IOL News
28-06-2025
- Politics
- IOL News
Minister Gwarube dismisses calls for audit on Eastern Cape education spending
Basic Education Minister Siviwe Gwarube says her department was taking measures to address weaknesses identified that caused infrastructure crisis in the Eastern Cape. Image: Supplied Basic Education Minister Siviwe Gwarube has dismissed calls for an independent forensic audit into the Eastern Cape Education Department's expenditure of infrastructure funds. Instead, Gwarube said her department was taking measures to address weaknesses identified that caused infrastructure crisis in the province. 'There are currently no plans by the Department of Basic Education (DBE) to commission an independent forensic audit of the Education Infrastructure Grant (EIG) or Equitable Share spending in the Eastern Cape for the period since 1 January 2019. 'However, the DBE maintains infrastructure planning and performance information through the Infrastructure Reporting Model and the Education Facilities Management System (EFMS),' she said. Video Player is loading. Play Video Play Unmute Current Time 0:00 / Duration -:- Loaded : 0% Stream Type LIVE Seek to live, currently behind live LIVE Remaining Time - 0:00 This is a modal window. Beginning of dialog window. Escape will cancel and close the window. Text Color White Black Red Green Blue Yellow Magenta Cyan Transparency Opaque Semi-Transparent Background Color Black White Red Green Blue Yellow Magenta Cyan Transparency Opaque Semi-Transparent Transparent Window Color Black White Red Green Blue Yellow Magenta Cyan Transparency Transparent Semi-Transparent Opaque Font Size 50% 75% 100% 125% 150% 175% 200% 300% 400% Text Edge Style None Raised Depressed Uniform Dropshadow Font Family Proportional Sans-Serif Monospace Sans-Serif Proportional Serif Monospace Serif Casual Script Small Caps Reset restore all settings to the default values Done Close Modal Dialog End of dialog window. Advertisement Next Stay Close ✕ Ad Loading Gwarube said the systems contained annual allocations and expenditure performance per infrastructure funding stream, a record of contractors awarded infrastructure projects, and estimated and actual completion rates, including, where applicable, reasons for delays and underperformance. 'This information is available to relevant oversight bodies upon request and is used routinely by the DBE to monitor progress and flag systemic issues.' Gwarube was responding to MK Party MP Nompumelelo Gasa, who noted with concern that the Cape's schools remained the worst in the country regarding billions of rand allocated to schools. Gasa asked the minister whether, in an effort to uncover whether corruption or incompetence was to blame, her department will commission an independent forensic audit of all infrastructure grants and Equitable Share spending there. She said the forensic audit should determine the total amount that was budgeted against the actual amount spent on infrastructure delivery and uncover the names of the contractors that were awarded the projects and consequences for their failures. Gasa also enquired whether Gwarube found that the crisis of school infrastructure in the Eastern Cape was fuelled by mismanagement. According to Gwarube, her department acknowledged that several factors contributed to the infrastructure challenges experienced in the Eastern Cape. She cited persistent backlogs inherited from the pre-1994 era, ongoing budget constraints and competing service delivery priorities, contractor underperformance and project implementation delays, adverse weather conditions affecting construction timelines, and disruptions by local business forums and community protests at school sites. 'While these factors have negatively affected delivery in some areas, the DBE does not attribute the overall infrastructure crisis in the Eastern Cape solely to mismanagement. 'Nonetheless, systemic weaknesses have been identified and the DBE is taking steps to address these with the Eastern Cape Department of Education.' She said her department was rolling out a sector-wide 10-point infrastructure strategy designed to accelerate infrastructure delivery and strengthen accountability. "As part of efforts to improve service delivery and financial management at a provincial level, the Minister of Basic Education recently requested all MECs and heads of provincial Education Departments to submit urgent written feedback on service delivery failures and personnel irregularities across provinces.' She also said she has launched a coordinated response to restore financial discipline and protect core education services. The national department wants all provinces to submit credible financial recovery plans ahead of the Council of Education Ministers meeting scheduled for July 21. 'These plans are to be assessed for alignment with national priorities and fiscal sustainability. The Minister has also requested the DBE's director-general to liaise with National Treasury and affected provinces to design appropriate support mechanisms.' Gwarube said the DBE remained committed to providing technical oversight, supporting institutional capacity development and ensuring that public funds were utilised effectively to realise the educational rights of all learners across all provinces, including the Eastern Cape.
