Durban, KZN, South Africa - Cityscape
Durban, KZN, South Africa - Cityscape Magda Ehlers/

Minister of Public Works and Infrastructure Dean Macpherson on Wednesday revealed that cybercriminals stole R300 million from the Department of Public Works and Infrastructure (DPWI) over the past 10 years.

The DPWI manages public infrastructure and provides accommodation and property management services for all South African government ministries.

In the most recent incident in May, cyber attackers stole an additional R24 million. This prompted a thorough forensic investigation by the Hawks, South African Police Services, the State Security Agency and experts in the information and communications technology (ICT) and cybersecurity industry.

Macpherson and Deputy Minister Sihle Zikalala discovered this during their detailed assessments of the department's work and briefings from department branches.

"It has become clear that the department has been a soft target and playground for cyber criminals for over a 10 year period and this should have been picked up a lot earlier. I felt it important to let South Africa know what has happened and what we are doing about it," Macpherson said, as per the South African Government website.

He added, "I cannot discount the possibility of collision between officials and criminals in this prolonged period of theft. It is clear that we need better financial controls which I have said to the department are a matter of urgency."

Macpherson vowed to crack down on the criminal syndicates responsible for the cyber thefts, whether they operate internally or externally. The minister noted that this kind of theft must stop immediately, explaining that he can't allow the department to be victimized by unchecked theft.

"This money could have been used to improve infrastructure and the lives of South Africans. The investigation will be expanded to uncover the masterminds and beneficiaries of this crime, and I expect to see them prosecuted and imprisoned," he said.

In May, the department announced a full forensic investigation into vulnerabilities in its information and technology systems. It identified these weaknesses with help from its banking partners like ABSA and the South African Reserve Bank.

The investigation, led by cyber and ICT security experts, focuses on finding out what caused the breach and identifying vulnerabilities, assessing how susceptible the department's ICT infrastructure is to cyber-crime and addressing issues related to staff capacity and weaknesses in ICT systems.