by Ashor Sarupen MPL – DA Gauteng Spokesperson on Education
The DA is concerned about the state of cybersecurity in the Gauteng Provincial Government after learning that the Online School Enrolment System faced 767 critical cyber security incidents over the past two years, and a total of 1370 incidents over the same period.
Most concerning is that overall, the number of incidents has increased over 2200% from 57 in 2017 to 1312 incidents so far in 2018 alone. This was revealed in a written reply to questions tabled by the DA.
The cyber attacks on the school enrolment system included malware, code injections, buffer errors, information disclosure, anomaly, access control and SQL injections, of which 99% were reported to be blocked by the State Information Technology Agency (SITA) firewalls.
Most concerning, however, is the fact that the Gauteng Department of Education has not audited its systems beyond the Online Admissions System for cyber security vulnerabilities, meaning that its other systems may be vulnerable to data breeches.
The data of South African citizens is becoming increasingly vulnerable to cyber attacks on private and public systems, and the fact that only the school enrolment system appears to be protected in the Gauteng Education Department is a cause for major concern.
The DA will be tabling further questions to each Gauteng government department about whether it is keeping our citizens’ data safe and proposing measures to secure government databases.
The DA believes that the state, as the custodian of tremendous amounts of data on individual citizens, has the highest responsibility to protect their citizens from the risks that come with data breeches, such as identity theft.