The Portfolio Committee on Social Development welcomes the preliminary investigation report confirming the validity of the findings about the vulnerability assessment and penetration testing challenges on the South African Social Security Agency's (SASSA) Social Relief of Distress (SRD) grant application and payment system.
The system assessment revealed several vulnerabilities, including potential issues with authentication mechanisms, server configurations, data encryption, and missing security headers. These vulnerabilities allow attackers to exploit weak points in the system.
These vulnerabilities could compromise the system's security and functionality. The impact of the issues identified poses significant risks, including unauthorised access to sensitive information, system disruption, and potential non-compliance with data protection laws. These vulnerabilities also expose SASSA to reputational damage and loss of public trust.
The preliminary investigation report recommended that SASSA implement targeted security improvements to mitigate further risks. These include adopting multi-factor authentication, enhancing verification protocols, expanding biometric checks, and enforcing end-to-end encryption for sensitive data. These measures will reduce the likelihood of fraudulent activities and ensure the secure handling of beneficiary information, further safeguarding the integrity of the SRD system.
The committee believes that implementing the report's recommendations and deepening the investigation will determine how much money could have been lost due to fraudulent activities, identify theft in the system, identify the culprits involved, and subsequent consequence management should follow.
The committee appreciates the undertaking by the Minister of Social Development, Ms Sisisi Tolashe, who committed to involve law enforcement and government agencies such as the Special Investigating Unit and the State Security Agency. Her undertaking shows that she takes this matter as seriously as the committee.
Distributed by APO Group on behalf of Republic of South Africa: The Parliament.
Source: Apo-Opa
Did you find this information helpful? If you did, consider donating.