Posted on Leave a comment

Has Corporate South Africa Been Infected by ANC Corruption, Greed & Negligence? Dimension Data NTT Case Study

Has Corporate SA Been Infected by ANC Corruption, Greed & Negligence? Dimension Data NTT Case Study

The Untouchables in a Gangster’s Paradise? Is it reasonable or ethical to make use of companies that do not consider themselves to be held accountable, for their actions in any private or public enterprise? While Big Tech has become seemingly untouchable, even from the US Supreme Court or Whitehouse, the same culture of supremacy, greed, lack of accountability, lack of transparency, and lack of responsibility seems to have created and sustained an environment in South Africa where IT negligence is acceptable, and lack of accountability is the norm, even when it comes to government institutions, contracts and tenders.

Just a few of the institutions in South Africa that have had their systems breached just over the last few weeks include: Transnet, Department of Justice, SA Space Agency, African Bank to name but a few, so the situation in South Africa has really gotten serious, yet no one is talking about it, especially not the so called IT Tech Media who are milking it in advertising revenues from the IT sector, especially during lockdown.

Just in government related systems, South Africans are facing potentially many threats, for example the capturing and encrypting of their data such as those being used by:

  • SARS (South African Revenue Service)
  • IEC (Independent Election Commission)
  • Eskom (Including Koeberg control systems?)
  • Public servant salary systems
  • EVDS data (Electronic Vaccine Data System)

And unfortunately, many more, who we probably will never hear of…

The implications of security breaches in one or more of these systems will have dire consequences for all South Africans as they are public services, particularly in the current climate of political and economic uncertainty, instability and factions.

And it is not as though these data breaches are not preventable. For example, the DOJ equivalents in the United States and the United Kingdom have not had their systems breached. There will be cases where systems can still be breached, but the number and effect of these breaches will be limited if systems are properly maintained and secured. Is that not why so many millions are being spent?

According to industry insider iSAT, who is currently in litigation against Dimension Data and NTT Ltd., the following is an example of what needs to be done in this case, to help prevent more disasters and at least try and mitigate the problems South Africa is currently facing:

  1. SITA (State Information Technology Agency) should immediately blacklist companies like Dimension Data and NTT Ltd (and any entity that either party is involved in) from competing for any SITA contracts. SITA is responsible for awarding contracts for government related IT infrastructure. See list of SITA service providers at RFB 1183 Contact details amended list- 02-03-2021.pdf (sita.co.za) Dimension Data have a long and sometimes difficult history with SITA. See Dimension Data dismisses corruption allegations (mybroadband.co.za)
  2. Any existing contracts that Dimension Data and NTT Ltd may have in place with SITA, should be reviewed and preferably taken over by a third party with the correct experience and credentials and business ethics.
  3. Non-government companies and institutions making use of Dimension Data and NTT Ltd infrastructure and/or consulting services should understand that they will be held fully responsible should data be stolen, and/or encrypted and losses be incurred by their clients and shareholders. They should get risk assessments done as a matter of priority.

 

As previously reported, after the catastrophic failure of Internet Solution’s Cloud Platform, in February 2019, it was disclosed, via an email from Internet Solutions, that the Cloud operating software being used, OpenStack, had not been maintained and updated by Internet Solutions for years.

The version of Openstack software had actually expired (reached End of Life) 4 years before the Cloud Platform failed. In the IT industry, not maintaining software, particularly, connected to the Internet, directly or indirectly, is as close to criminal negligence as it can get because that is after all one of the reasons you hire IT firms, to do due diligence on such seemingly trivial matters.

Shortly after this Cloud Platform failure, Dimension Data announced that Internet Solutions was getting absorbed into Dimension Data, Internet Solutions was widely recognized as the oldest Internet Service Provider in South Africa and the Internet Solutions brand name was extremely highly recognized and regarded.

Dimension Data refused to accept any accountability and denied negligence. ISAT approached NTT Ltd, the holding company of Dimension Data. Instead of taking the necessary steps to remedy the negligence, NTT Ltd instead accused iSAT of harassment. NTT Ltd thereby condoned the behaviour of its subsidiary. This is a typical step in the IT industry today, where IT companies attempt to bluster and take advantage of the ignorance, or lack of training, of their customers.

Having to fight the system themselves, iSAT then made public all documents relating to the negligence via the https://www.isat-vs-is-and-dd-and-ntt-ltd.net Web site, yet despite being asked multiple times to check the content of the Web site, Dimension Data and NTT Ltd, decided to rather try and hide the truth and take the approach of gagging iSAT via a court order. What do they have to hide?

iSAT readily agreed to take the Web site down until the case was heard in the High Court, which was finally done on 18th March 2021. The presiding Judge said that he would deliver judgement after 30 days. The matter being a simple one, iSAT had expected this to be a quick process, considering Dimension Data and NTT Ltd could not find anything that it considered incorrect on the Web site that iSAT had created.

Interestingly, almost as an indirect admission of guilt, the CEOs of Dimension Data (Grant Bodley) and NTT Ltd (Jason Goodall) announced in advance that they would be stepping down from their positions on 1st April 2021, which they duly did. The new CEO of Dimension Data is Werner Kapp and the new CEO for NTT Ltd is Abhijit Dubey.

Unfortunately, 6 months have passed with the two new CEOs in charge, Werner Kapp and Abhijit Dubey, and neither have attempted to contact iSAT, or make a relevant statement to the press, so it must be assumed that they too believe that the industry standard of correctly maintaining system software is unnecessary.

Various long standing Dimension Data executives, including founding members, also jumped ship and parted ways with Dimension Data in June 2021, see Dimension Data founder Jeremy Ord quits amid massive exec exodus | ITWeb .

Additionally, and more perhaps concerning, within weeks of the legal process starting, any employees of Internet Solutions/Dimension Data who had communicated with iSAT, were no longer employed by those companies.

Those employees include Michelle Brink (account manager), Andrew Green (Cloud engineer), Basha Pillay (Cloud manager for Internet Solutions) and Julian Sunker (Internet Solutions and Dimension Data CFO, and listed Director for Internet Solutions and Dimension Data).

It took 7 months, for the High Court judgment to be delivered against iSAT, exactly one day before iSAT was to release a press release it had forewarned Dimension Data of. A coincidence? iSAT forwarded details to the Directorate for Priority Crime Investigation (Hawks) to investigate that potential problem in their own time.

It is indeed in the interest of South Africans in particular that this information gets out. Nothing has changed. Dimension Data and NTT Ltd have still been negligent and refuse to accept accountability, especially in light of the South African judiciary system was compromised by cyber criminals, as SA-News reported on.

The cause of these breaches quite often, is when software being used is not being maintained properly. Most software updates released are security related. As can be seen from updates for Windows 10 and other Microsoft products, it is a dynamic environment where the hackers compete against the system managers who continuously have to bring out patches and updates to keep the system secure.

iSAT have been a lone voice in the wilderness trying to get people to understand how serious and how unacceptable this behavior is by large IT companies in South Africa, like Dimension Data and NTT Ltd, when they do not properly maintain systems connected to the Internet.

It should be clearly understood as well, that if the cybercriminals can encrypt data and demand a ransom, it means that they have access to the data to copy, and then sell, normally on the dark web.

It is thought that the Department of Justice (DOJ) hackers had access to the DOJ data since April 2021. High Court judges have had to resort to documenting legal matters on paper, DOJ data has been encrypted and is inaccessible. Data backups have also been encrypted. It should be realised and admitted that all data on breached DOJ servers will now be for sale on the dark Web.

When the information of Dimension Data/NTT Ltd.’s negligence was originally exposed in the press, no comment was made by any of the executives at the other large IT companies in South Africa, like for example Datacentrix, Westech, Business Connexion and Bytes.

Possibly because the press reaction to the news was fairly subdued. In South Africa and other countries there is often a problem with news reporting being one sided when one of the parties involved regularly provides paid content (advertorials) or advertising for the news site.

Dimension Data and NTT Ltd are owned by Nippon Telegraph and Telephone. Nippon Telegraph and Telephone employ over 300 000 people around the world and are 33.33% owned by the Japanese government. Does Nippon Telegraph and Telephone condone the negligence and lack of accountability of its subsidiaries Dimension Data and NTT Ltd? What does the Japanese government have to say about this?

Unfortunately, acting on this information could result in major job losses within Dimension Data and NTT Ltd, and the IT industry as a whole, both in South Africa and the many other countries that they operate in. However the risks for the general South African population as a whole will be reduced if actions like those of Dimension Data and NTT Ltd are brought to account.

According to iSAT, it may even be possible for those Dimension Data and NTT Ltd employees, who lost their jobs to institute a class action suite against NTT (Nippon Telegraph and Telephone).

There are of course many excellent employees at Dimension Data and NTT Ltd and iSAT still works with a group of those people in the Dimension Data business group Ignite.

iSAT recommends that individual South Africans check with institutions they make use of like banks, medical aid and insurance companies, and other medical institutions, to check whether these institutions are making use of Dimension Data or NTT Ltd, infrastructure or getting security support from them, or if the company they use is updating critical software as needed. Quite often updates are linked to extra costs.

These institutions should be made aware that in the case that their systems are breached, they been giving due warning and could be held liable by their clients/customers.

 

Read also: Cyber hackers try to steal Bitcoin to the value of R500 0000 on Johannesburg municipal computer system

 


 

Posted on Leave a comment

Coincidence? High Court Rules in Favour of IS / Dimension Data, Both of Whom Failed to Keep Crucial IT Software Updated!

Coincidence? High Court Rules in Favour of IS / Dimension Data, Both of Whom Failed to Keep Crucial IT Software Updated!

Surely companies that defend a failure to maintain vital IT systems, should not be allowed anywhere near government contracts to support systems serving the people of South Africa? In fact, they should not be allowed any systems at all, but particularly government systems that could be infiltrated such as SARS, IEC, Home Affairs, EVDS, Eskom etc. especially given that SA Court systems are already insecure as SA-News recently reported.

Internet service provider iSAT South Africa has been struggling with an ugly ongoing dispute with the company formerly trading as Internet Solutions which was taken over by Dimension Data. Dimension Data/NTT Ltd stands accused of causing severe financial and reputational harm to iSAT over their failed cloud system called CVM, which iSAT had been using since 2014.

Whilst not denying the mistake, Dimension Data denied liability and headed to the High Court to prevent iSAT and its CEO, Rory Pearton, from making this debacle public. “Unfortunately, in March 2019, the cloud-based solution, based on a world-class product known as OpenStack, failed catastrophically, iSAT lost key business data that was duplicated over multiple cloud instances,” iSAT said in a statement at the time.

After the failure, Dimension Data admitted that they had not maintained their CVM solution for more than four years, and that the OpenStack operating system was over four years past its end of life. Unfortunately, instead of accepting responsibility, they tried to deny any wrongdoing. In iSAT’s opinion, Dimension Data has also tried to cover up its terrible failings.” said Pearton in the statement.

As a result of the system failure, a project that iSAT had been working on for more than four years had to be scrapped, Pearton said, adding that this was because the historical data collected for analysis and predictive purposes was lost. “Scrapping of this project has led to substantial financial losses for iSAT.

But Dimension Data was having none of it and responded by accused iSAT of engaging Dimension Data in numerous threatening correspondences since September 2019, regarding a service outage that had taken place six months earlier in March 2019.

Pearton published a website accounting for what happened, and published emails, which it said it received from Internet Solutions, stating that the CVM cloud platform had run on an outdated version of Openstack. Openstack is an open source cloud computing platform that began as a joint project between Rackspace Hosting and NASA.

Nowadays the development of Openstack is financed through the Open Infrastructure Foundation whose sponsors include the usual suspects like Facebook, Tencent, AT&T, Ericsson, Huawei, and Red Hat. New versions of Openstack are released every six months, with several old versions of the software having been declared expired or “end of life”. The developers no longer maintain or provide security updates for these end of life versions of Openstack. According to the information iSAT published, Internet Solutions stated that it had been running a version of Openstack called “Icehouse” at the time of the CVM crash. Openstack Icehouse had been end of life since 2 July 2015

This damning information compelled Dimension Data to institute a high court application to force Pearton to stop with his ongoing exposure. As a result Pearson was forced to shut down this web site because of the gag order from Dimension Data/NTT Ltd.

In a response to the recent High Court decision iSAT publicly issued the press release saying that the judge made that decision, exactly one day after Pearton sent Dimension Data a copy of the press release scheduled to go out two days later. That was their first contact with Dimension Data since the High Court case on 18th March 2021. The timing of that decision seemed too much of a coincidence, and Pearton has sent details of that case to the Directorate for Priority Crime Investigation (the Hawks).

“When I made the decision about two years ago to expose Internet Solutions (which ended up being absorbed into Dimension Data), I really did not know what I was getting myself into,” Rory said in the press release.

“I thought that being in the right would overcome all obstacles. Various people warned me of course, that taking on a company as large and powerful as Dimension Data would be very difficult. The stress on me and unfortunately those nearest and dearest to me has been immense. And of course, the global pandemic has not helped.”

“It has indeed become the hardest thing I have ever done, by far. And my sympathy and support go out the whistleblowers out there exposing corruption and malpractice within the companies they have worked in. People like Francis Haugen (Facebook could be facing a ‘Big Tobacco’ reckoning – CNN) are real heroes.”

“I started off by taking legal advice from two different law firms and they both told me that the normal legal route would be to sue Internet Solutions for losses, but that the process would take many years. I also discovered that the financial costs would be much more than I could ever afford.”

“I then contacted various IT media news companies, and suggested they investigate the problem. Much to my surprise most of them did not even bother to respond to me, and none of them was interested in investigating and reporting on the issue. It turns out of course that many of those IT media news sites survive on advertising from companies like Dimension Data. So, so much for free and unbiased news reporting.

“I decided to go public and set up a Web site myself showing all the related documents from Internet Solutions. The site highlighted the issues iSAT suffered because of the catastrophic Internet Solutions Cloud Platform failure In February 2019.”

“One of the most important documents made available on the Web site was an email where Internet Solutions disclosed that the cloud software, OpenStack, being used for the Cloud Platform, had not been updated in many years. In fact, it had been in EOL (end of life) stage for more than four years.”

“That in two sentences is the core of the matter. It is, of course, not acceptable that an organisation which provides services to the public, other business, or state institutions does not maintain the infrastructure that the services run on. That applies both to hardware and software.”

“My goal has never been to destroy Internet Solutions or damage Dimension Data/NTT. The goal was to force these companies to conduct business in an ethical, responsible, and accountable manner.”

“Unfortunately, Internet Solutions now no longer exists and has been absorbed into Dimension Data. A sad end to what was once a brilliant company, created by a group of very clever and innovative individuals back in 1993.”

“The goal was also to resolve the issues and keep the resolution private, via a non-disclosure agreement, to protect the Dimension Data/NTT Ltd employees. Dimension Data unfortunately has tried to distract everyone by avoiding the issue of negligence and talking about the amount that ISAT is claiming from them.”

“Of course, the amount of money in damages is large. But it was based on the lowest of three projected income streams from iSAT’s business model. And it did not take into account the income from the future sale of iSAT which would generate increasing income for many years to come for the buyer. This was a project that we had been working on for more than 4 years. I also have more than 40 years’ experience in the IT industry and have worked on many large projects.”

“In the eyes of Dimension Data and NTT Ltd, the amount would hopefully be onerous. That would discourage them from being negligent and trying to cover up that negligence in the future.”

“In the eye of their ultimate holding company, the Japanese Nippon Telegraph and Telephone, the amount would be small. NTT employ over 300 000 staff around the world.”

“Systems connected to the Internet that are not maintained to industry standards are at high risk of being compromised by cyber criminals. In South Africa alone over the last several weeks, cyber criminals have gained access to Transnet and the Department of Justice.”

“Because of Dimension Data/NTT Ltd casual attitude to industry standard maintenance of systems, they have promoted an attitude that it is fine to be negligent and that lack of accountability is the norm, amongst IT companies particularly in South Africa.”

“In the previous email, I suggested that Dimension Data/NTT Ltd be blacklisted from any contracts awarded to them by SITA (State Information Technology Agency).”

The above press release was sent out to various tech news platforms, so it will be interesting to see who actually reports in it, but more importantly, who does not…

 

Read also: SA Courts No Longer Secure! How Long Before SA Balkanizes and is Declared a Humanitarian Disaster?


 

Posted on Leave a comment

Did Tobacco Giant BAT Give Mugabe USD $500,000 to Release Their Private Spies in 2012? – Leaked Documents

Did Tobacco Giant BAT Give Mugabe Up to $500,000 to Release Their Private Spies in 2012? - Leaked Documents

According to documents seen by the BBC program ‘Panorama‘, British American Tobacco’s (BAT) private spies were caught spying on Savanna Tobacco’s factory, in Zimbabwe in 2012. After paying for talks with high-ranking Zanu PF members, about a donation of up to half a million dollars, the 3 spies were released. BAT is the manufacturer of Lucky Strike cigarettes and is one of the largest companies in the UK, where the multinational tobacco monopoly is headquartered in London.
Continue reading Did Tobacco Giant BAT Give Mugabe USD $500,000 to Release Their Private Spies in 2012? – Leaked Documents