Tag: cybersecurity

Cybersecurity Is Critical, Not an Add-On

In today’s connected world, cybersecurity is not a technical extra but rather a business essential. 

Every system, process, and transaction relies on digital trust, and maintaining that trust demands more than compliance checklists.

The updated NIST Cybersecurity Framework 2.0 recognises this by elevating Govern to stand alongside Identify, Protect, Detect, Respond, and Recover. Together, these disciplines form a continuous cycle of protection that drives operational resilience and not just defence.

At Soteria, we believe this shift marks a decisive step forward: from reactive security to proactive governance.

Here’s a closer look at each of the elements in this crucial strategy. 

Govern: Setting the Compass For Safe Online Navigation 

Effective governance is about leadership, and cybersecurity is no exception. Boards and executives who take ownership of cyber risk and align it with strategic goals will enjoy better online security both today and in the future as threats evolve.

Governance should include accountability, risk tolerance, and measurable outcomes, ensuring cybersecurity is treated as a performance metric and not a back-office cost. To achieve this, there needs to be direct and strategic communication between the IT department and top management to establish common goals.

When leadership sets the tone, cybersecurity becomes an enabler of trust and continuity both within the company and between customers and business representatives. 

Identify: Knowing What You’re Protecting 

True protection starts with visibility, but many business owners aren’t clear on what threats to look out for. 

  • Modern digital ecosystems include a growing web of cloud platforms, APIs, and machine identities that shift daily. 
  • Continuous discovery and classification allow organisations to prioritise the assets and data that underpin business operations. 
  • Regular and automated backups across all the apps and platforms used by the business are an effective way of achieving this.

Without clarity and defined parameters, every cybersecurity control becomes guesswork. A small investment in setting up a comprehensive data security system could pay large dividends in years to come.

Protect: Building Resilience by Design

Protection should be seamless but powerful. Through zero-trust access, automated patching, and embedded code scanning, security can be set to integrate directly into workflows. 

At the same time, resilience engineering, from robust backups to graceful recovery, ensures continuity of data even in the worst case scenario of a cyberattack. 

This design-first mindset allows teams to innovate with confidence, knowing protection is built in and automated.

Detect: Turning Threat Signals into Speedy Recovery

In today’s high risk cybersecurity landscape, fraud detection comes down to speed and accuracy.

  • Behavioural analytics, AI-assisted monitoring, and orchestrated playbooks empower teams to act decisively when hackers strike.
  • Every second saved between detection and response reduces exposure and cost. Integrated response loops ensure that alerts become action and lessons learned drive stronger defences.

Comprehensive Cybersecurity Solutions for an Evolving Threat Landscape 

“Govern, Identify, Protect, Detect” is not only a framework but rather a blueprint for resilient online growth. Cybersecurity can no longer sit at the edge of operations. When built into governance, culture, and design, it becomes the backbone of business continuity.

As an Acronis Platinum Partner, Soteria Cloud unlocks the full potential of Acronis Cyber Protect Cloud to help organisations attain security that’s strategic, scalable, and always on. Click the button below to learn how we empower IT providers, MSPs and enterprises to remain compliant and resilient in today’s volatile digital landscape.

Unlock Growth

HR Blind Spots – Data Security

The Blind Spots in Data Security: Why HR Can’t be Overlooked

Human Resources departments serve a vital purpose, but they are increasingly emerging as blind spots in organisational data security. 

For many South African firms, the cybersecurity focus remains on firewalls, antivirus software, and endpoint defences. Yet the most vulnerable point is often HR: the place where personal data and human trust intersect.

HR impersonators go on a phishing spree 

That innocent seeming email from HR may be a major phishing attack in disguise

According to news reports, 42.5% of successful phishing clicks in South Africa used HR-related themes such as performance reviews or policy updates. 

Similarly, People Management UK recently reported that four in five data breaches involve HR files.

The reason for HR being targeted by cybercriminals is that it’s a goldmine of personal data.  

  • A typical HR department manages a wealth of personally identifiable information (PII) including ID numbers, payroll data, and banking details.
  • HR is also a natural communication hub, sending company-wide messages that can easily be mimicked by threat actors. 
  • As a result, cybercriminals frequently impersonate HR or executives to trick employees into revealing credentials or authorising fraudulent transactions.

The risk to HR data is compounded by hybrid work models, unsecured legacy systems, and limited cybersecurity awareness.

While just 10% of South African leaders were confident their teams would report suspicious emails, the vast majority were not. 

This underscores the human element in cybersecurity, serving as a reminder that technology alone can’t stop attacks that rely on human instinct.

How to secure your HR data 

To close the security gaps exposing HR to unique threats, businesses can implement the following policies:

  • Strengthen training and awareness: Regularly educate staff, especially those in HR, on phishing and social engineering tactics.
  • Implement access controls: Restrict HR data to authorised personnel and monitor for unusual access patterns.
  • Enforce multi-factor authentication (MFA): Protect HR systems and cloud platforms from unauthorised entry.
  • Run incident simulations: Test readiness using realistic HR-themed phishing drills.
  • Integrate HR into cybersecurity planning: HR should be a partner, not a bystander, in data protection strategy.

Secure your company data with Soteria 

HR is no longer a back-office function. It’s a strategic front line in defending employee data and organisational trust. Strengthening this link between people and protection is essential to a truly resilient business.

Data Loss Prevention is our cutting-edge safety net for every valuable file on your network. Powered by Acronis, this package provides data protection over more than seventy online channels. Click the button below to learn more.

GET DLP

BCP – Business Continuity Plan

The Importance of Having a Solid Business Continuity Plan

South African businesses are operating in an increasingly risky online environment, yet almost half of them still don’t have a Business Continuity Plan (BCP) in place.

In the age of rising cyberattacks and social engineering scams, the risk of downtime has never been greater.

Your business simply can’t operate without a comprehensive plan in place to rescue your operations in the wake of an online attack. Here’s what business owners need to know about business continuity. 

What is a BCP and what should it include?

A business continuity plan is more than a checklist for emergencies. It’s a structured roadmap that ensures critical operations can continue, even when normal conditions are disrupted. 

Whether you’re managing a manufacturing plant, retail chain, or financial services firm, a BCP identifies essential functions, assigns responsibilities, and sets out clear steps to recover quickly after an incident.

Cybersecurity now occupies a key position in continuity planning. 

  • Recent media reports suggest that South African businesses face an average of 2 113 cyberattacks per week, a 14% year-on-year increase. 
  • The fallout from these attacks can cripple operations, lock up data, and erode trust in a matter of hours.

For many businesses, efforts to prevent and recover from cyberattacks have been slowed down by infrastructure and skills gaps. A recent report notes that vulnerabilities in internal systems, combined with instability from hybrid work environments, leave many firms exposed to prolonged outages following a breach. 

Even more concerning is the fact that more than 60% of small businesses that suffer a cyberattack without having a BCP in place will close within six months.

For smaller companies, recovery often depends on whether data has been properly backed up and whether incident-response plans have been tested in advance. 

A strong BCP needs to integrate cybersecurity resilience from the ground up. This includes backup and recovery protocols, real-time threat monitoring, and regular testing. 

Given that only 5% of South African organisations are fully prepared to defend their data against today’s AI-driven cyberattacks, few businesses are likely to maintain continuity after a serious breach.

Beyond risk mitigation, continuity planning builds trust. Clients, partners, and regulators increasingly expect assurance that their data is protected and that your business can withstand disruption without exposing them to risk.

At Soteria, we place a big premium on the overall data defences of your business. That’s why we integrate Acronis Cyber Protect Cloud into every client’s BCP. Here are some of the benefits: 

  • Backup & Recovery: Keep your critical data safe with both local and cloud storage.
  • Disaster Recovery (DR): data failover to the cloud or Azure in just minutes.
  • Cybersecurity: Protect against ransomware, malware, and phishing before they cause major losses. 
  • Management & Monitoring: One console for backups, security, and DR helps simplify your continuity strategy.

By combining practical recovery strategies with robust cybersecurity measures, companies can safeguard operations, protect their reputation, and maintain confidence even when disruptions strike.

Create a comprehensive business continuity plan with secure cloud storage 

Don’t wait for a crisis to test your resilience. Create your business continuity plan today and make cybersecurity the foundation of it. Click the button below to learn more about Cyber Protect Cloud. 

Get Cyber Protect Cloud

Black Friday 2025 – Cybersecurity

Black Friday 2025: Cybersecurity Strategies for Retail Success

On Friday 28 November, shoppers across South Africa will once again begin the hunt for pre-Christmas bargains.

For those who remember when Black Friday was just an American retail tradition, it’s been fascinating to see how quickly it’s become a cornerstone of South African consumer culture. What started as a marketing experiment has grown into one of the most anticipated, and chaotic, shopping events of the year.

From a business standpoint, Black Friday in South Afrrica now represents one of the most intense and profitable trading periods on the retail calendar. But with that opportunity comes significant risk. Cybercriminals are also preparing for the big day—looking for vulnerabilities to exploit while online and in-store systems are at their busiest.

Let’s explore the evolution of Black Friday in South Africa and the critical cybersecurity strategies retailers need to stay safe and successful.

Black Friday Drives 30% of Retail Spend in South Africa

While it hasn’t been around as long as Christmas or Valentine’s Day, Black Friday now accounts for around 30% of South Africa’s festive retail spend, according to Ecentric’s 2024 Black Friday Index.

That means consumers spend nearly a third of their holiday budgets over just one or two days in late November – a massive concentration of transactions that brings both opportunity and risk.

From a retail perspective:

  • Omnichannel strategies powered by real-time data and personalised offers are key to standing out.
  • Online promotions need to be compelling and secure, as shoppers increasingly compare deals across multiple platforms.
  • In-store experiences are regaining traction, but retailers must ensure their POS systems, Wi-Fi networks, and digital payment channels are protected.

Cybercriminals Are Ready to Strike

The surge in online traffic and transaction volume creates the perfect environment for cybercrime.

During Black Friday, we typically see spikes in:

  • Phishing scams imitating popular retailers or courier services.
  • Fake websites offering deals that are too good to be true.
  • Fraudulent payment gateways capturing sensitive customer information.

Even well-established retailers can fall victim if their systems aren’t monitored closely. That’s why robust network monitoring, intrusion detection, and employee awareness are essential during this high-risk period.

Stay Secure While You Scale

As retailers push for record-breaking sales, cybersecurity must be part of the strategy—not an afterthought.

The right protections ensure your systems stay online, your data stays safe, and your customers stay confident in your brand.

At Soteria Cloud, we help South African businesses prepare for high-traffic events like Black Friday with:

  • Encrypted, real-time data backup solutions
  • Secure payment and transaction monitoring
  • Comprehensive Data Loss Prevention (DLP) across more than 70 communication channels
  • 24/7 protection and rapid response to emerging threats

When every second counts, our cloud-based solutions keep your business running securely—no matter how heavy the load.

Protect Your Business This Black Friday

Before the shopping frenzy begins, take time to ensure your systems, staff, and customers are protected.

With the right preparation, Black Friday can be a time of growth—not risk.

Learn more about Soteria’s Data Loss prevention powered by Acronis and get your cybersecurity ready for the busiest shopping weekend of the year.

Learn More About Data Loss Prevention

Partner with Soteria | Cloud storage

Affiliates and Resellers: Grow Your Business with Soteria Cloud

When it comes to growing revenue in the tech industry, there’s no such thing as a one-size-fits-all approach.

Influencers may capture thousands of likes and followers, but cybersecurity resellers bring something different to the table: deep technical expertise and the infrastructure to support clients of every size. Both approaches have value, but neither compares to delivering true peace of mind through cutting-edge online security.

With this in mind, Soteria Cloud, powered by Acronis cyber protection technology, offers two distinct partnership models—tailored to match different business strategies and growth goals.

  • An Affiliate Model, perfect for generating passive, recurring income without operational overhead.
  • A Reseller Model, ideal for businesses ready to take full control, own the client relationship, and build branded solutions.

Whether you want a hands-off revenue stream or a fully customised offering, both models put you on the path to growth.

Share Your Network With an Affiliate Partnership

The Affiliate Model is designed for individuals and businesses with trusted networks who want to earn recurring commissions without managing technical operations.

How It Works:

  • Sign up as an affiliate and receive your unique referral link.
  • Share the link with your clients, audience, or community.
  • Soteria handles everything from onboarding, billing, and customer service to ongoing service delivery.
  • You earn recurring income for the lifetime of the referred customer.

Key Benefits:

  • Zero Overhead: No infrastructure, support teams, or billing systems needed.
  • Effortless Earnings: Get paid monthly, with commissions stacking as your network grows.
  • Trusted Technology: Backed by Acronis, a global leader in cyber protection.

To help affiliate partners spread the news about our data protection packages, we provide comprehensive marketing collateral. You’ll get the  banners, brochures, and content included to help you promote quickly and get great results. 

This type of partnership is ideal for consultants, bloggers, thought leaders, and advisors who want to leverage their reputation and generate a steady income without operational complexity. 

Expand Your Offering With a Reseller Partnership

Our Reseller Model is designed for businesses ready to own the customer experience while leveraging Soteria’s robust infrastructure and Acronis-powered solutions.

How It Works:

  • Purchase wholesale access to Soteria’s platform.
  • Use the Reseller Control Panel to configure, price, and package your services.
  • White-label the solution under your own brand and add additional value for your clients.

As a reseller, you decide the pricing model, whether per workload, GB, or device, and manage the client relationship independently.

Key Benefits:

  • Total Brand Control: Offer solutions under your own name, with Soteria powering the backend.
  • Flexible Billing: Set your own margins and pricing structures.
  • Scalable Service Offering: Add advanced tools like EDR, XDR, DLP, disaster recovery, and email security to create premium packages.
  • Local Expertise, Global Tech: Combine Soteria’s local-based support with world class Acronis technology.

Our reseller programme is aimed at MSPs, ISPs, IT providers, and cybersecurity businesses looking to differentiate their services and maximise profitability while maintaining direct client relationships.

Grow Your Business Your Way With Us

With Soteria Cloud, you don’t have to compromise. Whether you prefer a social income stream or want to build a full-service cyber protection offering under your brand, both models put you in control of your business growth.

If you’re ready to get started, Visit Soteria Cloud Partnerships and choose the path that works for you.

Here’s How You Can Benefit

Celebrating the Women Reshaping Cybersecurity

Celebrating the Women Who Are Reshaping the Future of Cybersecurity

Cybersecurity has gone from being the realm of back-end teams and technical specialists to a board-level priority. As companies recognise that data protection is integral to business continuity and long-term strategy, especially as the threat landscape evolves, women are playing a prominent role in the sector’s future.

In South Africa National Women’s Day is observed on 9 August to mark the anniversary of the 1956 Women’s March to the Union Buildings in Pretoria, to protest against the apartheid pass laws. Women’s Month serves as a time to acknowledge and honour the contributions of women to society and to acknowledge the ongoing fight for gender equality. 

This Women’s Month, we celebrate the growing presence of South African women in cybersecurity: an area that’s becoming essential to how businesses operate in a digital-first economy.

Women currently represent around 25% of the continents’ cybersecurity workforce, contributing a mere 9% of South Africa’s cybersecurity workforce, although that number is beginning to increase thanks to skills initiatives, mentorship programs, and the rising visibility of female leaders in the field.

At a time when cybercrime is becoming more complex and relentless, a sector that’s diverse, highly skilled, and at the cutting edge has never been more important. Women are leading the charge to make the sector one of the best global examples of its kind.

Diverse Talent Drives Digital Transformation

South African businesses are rapidly adopting AI, automation, and cloud-first solutions to improve agility and scale. But with this transformation come both risks and opportunities.

  • Cybercriminals are now leveraging AI just as quickly as legitimate businesses are, developing faster, more convincing phishing scams and launching AI-powered malware at scale.
  • As these threats grow in complexity, so does the demand for professionals who can understand, predict, and prevent them. That’s why growing the local cybersecurity talent pool with the inclusion of more women is becoming a strategic priority.

Forward-thinking companies are already rising to the challenge. As early as 2023 SAP Africa was already pushing to achieve gender parity across its workforce, while organisations like SEACOM are investing in certification and leadership pathways specifically for women in tech.

These great initiatives are helping to ensure gender equity and nurture the skills South Africa needs to secure its digital infrastructure in the long term.

The Acronis Advantage: Supporting Progress Through Partnership

In a 2024 global survey, 71% of women in IT reported working longer hours in a clear sign of the dedication many bring to the profession. Respondents cited career advancement as their primary motivator and with the right support, training, mentorship, and visibility, that dedication is being rewarded with opportunity.

As an Acronis partner, we’re proud to stand behind a platform that not only offers cutting-edge cybersecurity solutions but also actively supports women in tech. By aligning with initiatives that raise the profile of female professionals in cybersecurity, we help build inclusive, sustainable ecosystems for our clients.

Bridge the Gap with Smarter Cybersecurity

Most businesses can’t afford to spend years building internal cybersecurity teams. At the same time, the cost of inaction is rising fast.

That’s why partnering with a secure cloud storage provider backed by Acronis technology is the best strategy. Your business and clients will enjoy the benefits of enterprise-grade cybersecurity, paired with the flexibility and scalability you need – all without the overhead of managing complex software yourself.

Our integrated security offering includes:

  • Access to the latest threat detection and prevention tools
  • Around-the-clock monitoring and rapid response
  • Flexibility to scale as your business grows
  • Cost-effective access to premium cybersecurity through Acronis
  • Peace of mind knowing your data is protected by expert

Celebrate Progress. Secure the Future

This Women’s Month, we recognise our expert team of women here at Soteria alongside the South African women who are all shaping the future of cybersecurity: one secure system at a time. Their expertise, perspective, and resilience are key to building digital systems that are not only more secure, but more inclusive.

If your business is ready to take the next step in cybersecurity and data protection, browse our full range of solutions and discover how easy it is to protect your crucial files and customer data.

Our Solutions

Cybersecurity Investment – online security

Cybersecurity: Investing in Business Stability in the Age of AI

Cybersecurity is no longer a technical afterthought. As artificial intelligence reshapes entire industries, securing digital infrastructure has become a crucial requirement for long-term business stability.

While AI delivers efficiency gains, it has also opened the door to more sophisticated cybercrime. Businesses are waking up to the reality that cybersecurity is not simply an expense. In fact, it’s being described by media reports as an essential investment in sustainability and competitiveness.

Is cybersecurity, alongside AI, just a trend, or the backbone of the future economy? For most enterprises, the answer is becoming very clear. 

Stability in an unstable world

We are barely in Q3 and already the global economy in 2025 has been marked by uncertainty, from trade disruptions to the accelerating rollout of AI across business operations. 

But as companies embrace AI-powered tools to boost productivity, cybercriminals are doing the same, and with alarming effectiveness.

  • Phishing scams, once characterised by clumsy grammar and obvious red flags, have evolved. 
  • AI-driven chatbots now draft convincing, personalised emails at scale, making it far easier to trick recipients, particularly when they are busy or distracted. 

Simply put, the days of easily spotted scam messages are over.

Meanwhile, ransomware attacks, data breaches and AI-powered hacking tools are on the rise. 

Combating these threats requires not only the right technology but also skilled professionals: and therein lies another challenge.

The skills gap and the case for smarter solutions

Cybersecurity has become one of the most in-demand fields globally, but the supply of qualified specialists has not kept pace. 

At the same time, many businesses cannot afford to wait years to build internal teams.

For organisations of all sizes, partnering with providers that offer integrated, scalable solutions is fast becoming a practical and necessary choice. This ensures that cybersecurity gaps can be filled rapidly before a major data breach or cyberattack takes place. 

Secure your data by partnering with a cutting-edge cloud storage provider 

Here are some compelling reasons to choose a comprehensive outsourced cybersecurity solution:

  1. Access to the latest threat detection and prevention tools
  2. Around-the-clock monitoring and rapid response
  3. Flexibility to scale protection as your business grows
  4. Cost-effective access to cutting edge systems through our partnership with Acronis 
  5. The peace of mind that comes with knowing that cybersecurity is an integral part of your business

If you’re keen to set your business up with an automated backup solution that offers top level encrypted storage, we’d love to hear from you. Browse our range of packages including our flagship, total data protection, today.

Total Data Protection Today

South Africa’s Youth – Cybersecurity

SA’s Youth in Cybersecurity: Challenges and Opportunities

South Africa’s cyber threat landscape is becoming harder than ever to navigate as incidents escalate in tandem with an increase in internet users. At the same time, approximately 87% of local businesses report a serious cybersecurity skills shortage, leaving their systems vulnerable to hacking and online attacks.

A combination of recruiting challenges, human development backlogs, and a lack of opportunities for young cybersecurity professionals is exacerbating these challenges, but the situation can be reversed with the right strategy.

The State of Cybersecurity Talent in SA

Businesses across the country are feeling the pinch of a cybersecurity skills shortage, with 40% struggling to recruit and retain cyber talent, and 64% believing this gap increases their risk exposure.

At the same time, many young aspiring cybersecurity professionals are unclear as to the education and training path that could lead to lucrative opportunities in the future.

The following training methods could culminate in a cybersecurity career:

  • Diplomas and degrees in cybersecurity or IT. These are offered by institutions such as UJ, UNISA, Stellenbosch, and CPUT among others
  • Postgraduate diplomas and honours programmes that allow graduates to further specialise in information security
  • Certifications and Bootcamps. These alternative but globally recognised credentials include CompTIA Security+, Certified Ethical Hacker (CEH), CISSP, Cisco CyberOps Associate, Microsoft SC‑900/200, and EC‑Council certifications.

Local accelerators such as the SANCS Talent Accelerator offer a six‑month internship with live‑range labs and mentorship.

Bridging the Experience Gap

Based on the latest industry data, SA companies are both keen to fill vacant positions and acutely aware of the cyber risks that exist today.

In 2024, 86% of companies reported suffering multiple cyber attacks, with 39% having been hit by breaches costing over US$1 million. Despite the increasing risk of severely damaging cyber incidents, Kaspersky warns that approximately 74% of organisations rely solely on general IT staff for cybersecurity functions, potentially putting their highly sensitive files at risk.

A flexible hiring approach,including expanded internship programmes in collaboration with tertiary institutions and bootcamp providers, could give job seekers the experience they need to hit the ground running once they are hired in a cybersecurity role.

With entry-level cybersecurity roles like SOC analysts earning R22 000 – R25 000 per month and senior roles requiring experience and advanced certification commanding R1.5 million to R2.5 million per year, the industry could become a major source of high-value employment and help bring an end to the surge in cybercrime currently affecting businesses across the country.

Outsource your cybersecurity requirements with us

If you’re struggling to hire the right cybersecurity talent in your business, our range of cutting edge cloud storage solutions could be the ideal outsourcing solution. Our packages provide automated backup and data protection at highly competitive rates. Click the button below to learn more.

Get Advanced Backup

MTN Group Reports Ransomware Attack: Customer Data Compromised

MTN Group, Africa’s largest telecommunications provider, has experienced a significant cybersecurity breach in April. The incident, which led to unauthorised access to the personal information of customers in more than one market, is the latest in a series of cyber incidents at major companies across the country. 

Despite the breach, MTN confirmed that its core infrastructure, including network, billing, and financial systems, remained secure and fully operational. Here are the full details of the breach and what businesses can learn from MTN’s response. 

How the Breach Happened 

Though MTN is a household name in SA, the  cyberattack actually resulted in the compromise of customer data beyond our borders, with approximately 5 700 MTN Ghana customers being affected. 

An unknown third party claimed responsibility for the breach and demanded a ransom for the release of the stolen data – a classic MO for cyberattacks of this kind. 

At the time of publishing this update MTN had not disclosed the ransom amount, citing the ongoing investigation, and has also neither confirmed nor denied that paying the ransom is a strategy currently under consideration. 

Did MTN Respond Appropriately?

MTN’s reaction in the hours and days following this attack is a good example of proactive cybersecurity response and the benefits of risk mitigation. 

  • After discovering the breach, MTN activated its cybersecurity response protocols and altered law enforcement agencies such as the South African Police Service (SAPS) and the Hawks. 
  • This is the recommended course of action for any business dealing with a major cyber incident. 
  • The company also notified relevant authorities in affected countries and is in the process of informing impacted customers, adhering to local legal and regulatory requirements. As above, this is the approach favoured by cybersecurity experts: placing customer privacy and data first. 

MTN joins a long list of prominent cybersecurity victims across the country 

This incident is not the first of its kind, nor will it be the last, but it once again highlights the growing threat of ransomware attacks in the telecommunications sector. 

Earlier in 2025, Cell C, confirmed a data breach linked to a ransomware attack by the RansomHouse group. Unlike the anonymous MTN incident, this attack was carried out by a notorious cybercrime network with the intention of adding Cell C to their list of high profile victims. 

The ripple effects of cyberattacks have againbextended beyond telecoms to other essential services, including the travel industry. In May, South African Airways (SAA) suffered a major cyber incident that disrupted access to its website, mobile app, and key operational systems. The breach, which began over a weekend, significantly impacted customer services and internal processes, highlighting the broad-reaching consequences of digital vulnerabilities across sectors.

Whether hackers strike stealthily or make a show of their ability to penetrate digital defences, the increasing frequency of attacks like these underscores the need for robust cybersecurity measures across the industry and the economy as a whole. 

Secure your company data with us 

While MTN’s swift response ensured the protection of its core systems, the breach of customer data raises concerns about data privacy and the evolving cyber threats facing telecom and other industry operators. 

This incident serves as a reminder for companies to continuously assess and strengthen their cybersecurity frameworks to safeguard against future attacks.

To protect your business and clients’ critical data you need an integrated approach to cyber protection. Soteria Cloud offers an advanced backup package with secure managed cloud backup paired with Acronis Cyber Protect for the ultimate in data protection.  

To learn more about our packages and how they can keep your files safe and encrypted in the cloud, click the button below. 

Get Advanced Backup Today

SASSA Vulnerabilities Report – Cybercrime

SA Social Security Agency Releases Report on Large-Scale Cybersecurity Breach

The South African Social Security Agency (SASSA) has released an in-depth report following a large-scale breach of its cyber defences last year which is alleged to have cost taxpayers an estimated R175 million. 

The findings raise serious questions about the cybersecurity protocols in place at government departments and suggest several key areas for improvement.

While the cyberattack on SASSA was significant, it was not unique. With organisations of all sizes increasingly falling prey to hackers and cybercriminals, the report offers valuable lessons that every organisation can implement. 

Let’s take a closer look at what happened, what the investigation uncovered, and how businesses can use this information to keep their own data safe.

Large-Scale Cybersecurity Breach Detected by University Students

When hackers breached SASSA’s defences, they helped themselves to an enormous sum of money which was ultimately financed by South African taxpayers. The hacking group N4ughtySecGroup, which claimed responsibility, alleged that the amount stolen exceeds R175 million. 

A troubling revelation for commentators and the public is that the breach wasn’t detected by the department itself. In fact it was first-year computer science students Joel Cedras and Veer Gosai from Stellenbosch University who stumbled upon it while working on a research project.

In the wake of their discovery, SASSA launched an investigation, with cybersecurity specialist Stanly Machote and auditing firm Masegare & Associates tasked with uncovering how such a critical security failure had occurred. 

The report, recently presented to Parliament, outlines the modus operandi of those responsible, though their identities remain classified.

  • The hackers exploited vulnerabilities in the Social Relief of Distress (SRD) grant system, which was introduced during the COVID-19 lockdown as a R350-per-month survival grant. 
  • The government later extended these payments as a form of universal basic income for struggling families. Unfortunately, due to the sheer volume of applicants, authorities appear to have been unable to track exactly who was receiving SRD payments or whether the recipients were legitimate.

In analysing how, when, and why the SRD system was compromised, the report commissioned by SASSA outlines the following vulnerabilities in the department’s security infrastructure:

  1. API vulnerabilities – No rate limiting allowed mass querying of ID numbers, exposing application statuses.
  2. Data exposure & fraud risks – Sensitive applicant details were accessible, and high application rates suggested possible identity misuse.
  3. Unauthorised applications & payments – Grants were linked to ID numbers of non-applicants, raising misallocation concerns.
  4. Unofficial websites & phishing threats – Fake sites collected personal data, leading to financial loss and compliance risks.
  5. Authentication & phone-related risks – Multiple applications per number, SIM swap fraud, and inadequate cellphone ownership validation increased fraud potential.
  6. Encryption & security weaknesses – Poor encryption, missing security headers, and weak content security policies left data vulnerable.
  7. System & server vulnerabilities – Weak portal security, misconfigurations, directory enumeration risks, and unencrypted communications exposed the system to attacks.

For tech experts, this list reads like a how-not-to guide for cybersecurity, highlighting just how much SASSA’s lack of basic security protocols contributed to the breach. A reliance on old technology made the system an easy target for cybercriminals.

The report’s bottom line recommendations are clear: a serious overhaul of the department’s cybersecurity framework is long overdue.

The Lesson for Businesses: Don’t Repeat SASSA’s Mistakes

It’s easy to criticise the government’s lack of cyber preparedness and see it as yet another example of inefficiency, but the reality is that many businesses- both large and small- suffer from similar vulnerabilities.

  • A full-scale cybersecurity audit may sound expensive, but for larger businesses storing vast amounts of sensitive client data, it could be a necessity rather than a luxury.
  • No matter the size of your business, one of the most cost-effective ways to strengthen cybersecurity is through secure cloud storage, fully integrated across all the applications your team relies on.

To learn more about our range of data security products, including our comprehensive Total Data Protection (TDP) System, visit our website today.

Cloud Backup for Business & Home

Get TDP Today