
Dear South Africa targeted by script injection, says all is well

At the weekend it was alleged that the public participation platform Dear South Africa was the target of a script injection. (What is described is a script submitting thousands of automated form entries rather than code being injected into the site itself, but we use the organisation's own term.) This is concerning because it calls the integrity of the platform into question: if bots can submit comments on matters before government, they could swing how decisions are made.

As such we contacted Dear South Africa to verify the claims we spotted online, and it confirmed that it had been the target of a script injection. The organisation states that over 19 000 submissions were made by an individual running the script.

The organisation states that the entries originated from one IP address, which is linked to NordVPN. That raises a further question: a VPN exit address is shared by many users, so anybody using that NordVPN server who submitted a comment at the same time as the individual mentioned above could be lumped in with the so-called fake submissions. As such, Dear South Africa detailed how it verifies a submission made via its website.

“Each and every submission is verified through return email checks. Bounced emails are flagged and recorded automatically – which is why we request participants to double check their email address on each campaign,” says Dear South Africa.

Essentially then, an email to a legitimate address wouldn't bounce and one to a fake address would. This isn't foolproof, however: lists of real, deliverable email addresses are on sale in the darker corners of the internet, and a script using them would pass the bounce check. A bounce check proves only that a mailbox exists, not that its owner made the submission; proving that would take a confirmation link the participant must click. That seemingly didn't happen in this case, as the addresses did bounce.

Dear South Africa is adamant that the entries it has identified as part of the script injection are fake, stating that this has been verified using bounce and delivery notifications from Amazon Simple Email Service (SES).
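As an added example, and not code from Dear South Africa or Hypertext, the following Python model shows the verification described above: submissions are marked fake only when SES reports a permanent bounce for the address, so a genuine participant behind the same shared VPN exit as the script is not swept up, and a high submission count from one IP is raised as an alarm rather than used as a verdict. It assumes SES publishes Bounce and Delivery events in its documented JSON shape (notificationType, bounce.bounceType, bounce.bouncedRecipients, delivery.recipients); the submissions, addresses and notifications are constructed for illustration. It also shows the limit noted above: a scripted submission using a real, deliverable address passes the bounce check.

```python
# Added example (not Dear South Africa's code): verifying submissions with SES
# bounce/delivery notifications and treating a shared IP as a signal, not proof.
import json
from collections import Counter

# Constructed submissions. 203.0.113.10 stands in for a shared VPN exit address
# used by a genuine participant (id 1), a script with made-up addresses (ids 2, 3)
# and the same script using a harvested but real address (id 4).
SUBMISSIONS = [
    {"id": 1, "email": "alice@example.org", "ip": "203.0.113.10", "comment": "I support clause 4."},
    {"id": 2, "email": "nobody-1@example.invalid", "ip": "203.0.113.10", "comment": ""},
    {"id": 3, "email": "nobody-2@example.invalid", "ip": "203.0.113.10", "comment": ""},
    {"id": 4, "email": "carol@example.com", "ip": "203.0.113.10", "comment": ""},
    {"id": 5, "email": "bob@example.net", "ip": "198.51.100.7", "comment": ""},
]

# Constructed messages in the shape SES publishes for Bounce and Delivery events.
SES_NOTIFICATIONS = [
    json.dumps({"notificationType": "Delivery",
                "delivery": {"recipients": ["alice@example.org"]},
                "mail": {"messageId": "m-1"}}),
    json.dumps({"notificationType": "Bounce",
                "bounce": {"bounceType": "Permanent", "bounceSubType": "General",
                           "bouncedRecipients": [{"emailAddress": "nobody-1@example.invalid"}]},
                "mail": {"messageId": "m-2"}}),
    json.dumps({"notificationType": "Bounce",
                "bounce": {"bounceType": "Permanent", "bounceSubType": "NoEmail",
                           "bouncedRecipients": [{"emailAddress": "nobody-2@example.invalid"}]},
                "mail": {"messageId": "m-3"}}),
    json.dumps({"notificationType": "Delivery",
                "delivery": {"recipients": ["carol@example.com"]},
                "mail": {"messageId": "m-4"}}),
    json.dumps({"notificationType": "Bounce",
                "bounce": {"bounceType": "Transient", "bounceSubType": "MailboxFull",
                           "bouncedRecipients": [{"emailAddress": "bob@example.net"}]},
                "mail": {"messageId": "m-5"}}),
]

# A permanent bounce is final; a delivery outranks a soft bounce for the same address.
_RANK = {"soft_bounce": 1, "delivered": 2, "hard_bounce": 3}


def _record(status, addr, new):
    addr = addr.lower()
    if _RANK[new] >= _RANK.get(status.get(addr), 0):
        status[addr] = new


def parse_ses_notifications(raw_messages):
    """Map each recipient address to 'delivered', 'hard_bounce' or 'soft_bounce'."""
    status = {}
    for raw in raw_messages:
        msg = json.loads(raw)
        kind = msg.get("notificationType")
        if kind == "Delivery":
            for addr in msg["delivery"]["recipients"]:
                _record(status, addr, "delivered")
        elif kind == "Bounce":
            outcome = "hard_bounce" if msg["bounce"].get("bounceType") == "Permanent" else "soft_bounce"
            for rcpt in msg["bounce"]["bouncedRecipients"]:
                _record(status, rcpt["emailAddress"], outcome)
    return status


def classify(submissions, status):
    """Return {id: verdict}. Only a permanent bounce marks a submission fake; the
    IP address plays no part. A harvested real address (id 4) is still 'verified',
    which is the limit of a bounce check."""
    verdicts = {}
    for s in submissions:
        st = status.get(s["email"].lower())
        if st == "hard_bounce":
            verdicts[s["id"]] = "fake"
        elif st == "delivered":
            verdicts[s["id"]] = "verified"
        else:
            verdicts[s["id"]] = "unverified"  # soft bounce or no notification yet; re-check later
    return verdicts


def ip_burst_alerts(submissions, threshold):
    """IPs with more than `threshold` submissions: an alarm to investigate, not a verdict."""
    counts = Counter(s["ip"] for s in submissions)
    return {ip: n for ip, n in counts.items() if n > threshold}


if __name__ == "__main__":
    status = parse_ses_notifications(SES_NOTIFICATIONS)
    print(classify(SUBMISSIONS, status))
    print(ip_burst_alerts(SUBMISSIONS, threshold=2))
```

In a real deployment the JSON above arrives wrapped in an SNS envelope (the SES event is the string in the SNS `Message` field) and a bounce would be tied back to the submission by the SES message ID recorded when the verification email was sent, rather than by matching the address string as this sketch does.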

Furthermore, the submissions didn't include a comment. That is odd but not altogether out of the ordinary for a platform that tries to make it as simple as possible to be an active citizen; there are examples of legitimate submissions made without a comment from the person making them.

As for the protections on the website, Dear South Africa tells us it has a honeypot, a CAPTCHA and other "proprietary measures in place".

“Furthermore, hardware and software firewalls are in place on all our servers while participant data is temporarily stored on the platform before being moved offline. We do have an invisible CAPTCHA (and other measures) in place and have recently strengthened measures, alarms and firewall rules – both locally and on our Amazon AWS framework (with the assistance of Amazon),” the organisation told Hypertext.

The more important question we had was how a Democratic Alliance councillor was able to get this data and share it with their Twitter followers. Posting it on social media raised concerns about a breach of the Protection of Personal Information Act (POPIA).

Speaking to Rob Hutchinson from Dear South Africa, we were told that the incident was mentioned to the councillor, who then requested the data. The data, which had by then been verified as fake through Amazon SES, was sent to the councillor at their request.

Essentially then, because the data isn't linked to a real person according to Dear South Africa's investigation, sharing it isn't a breach of POPIA, as the data doesn't link back to a natural person.

“Dear South Africa does not share data with any third party, as per the privacy policy,” Hypertext was told.

While this is concerning, this is reportedly the first time Dear South Africa has experienced a script injection of this kind. We should point out, however, that an incident such as this shouldn't have occurred in the first place.

Cybercrime is not something that might happen to your organisation; it's something that will happen sooner or later, and it's important to have measures in place to prevent breaches and attacks.

We hope that this incident prompts Dear South Africa to put protections in place that stop script injections from sullying its data in future.
