Gaping holes in South African government cyber defences

South Africa's Auditor-General has found that 64% of 70 assessed government entities have notable cybersecurity weaknesses, with 8 exhibiting critical vulnerabilities. Penetration testing confirmed multiple government environments were breached in 2024/2025. The South African Bureau of Standards suffered a ransomware attack in November 2024 that encrypted all systems and halted operations — 15 months later it was still recovering — despite the AG flagging risks since 2021. Common failings include lack of backup testing, absent vulnerability management tools, weak access controls, unpatched systems, and poor incident response. The National Health Laboratory Service and KwaZulu-Natal Nature Conservation Board also suffered breaches. Overall IT control environments declined across 191 audited entities, with R5.5-billion in infrastructure spending failing to improve modernisation or resilience.