Bureau Veritas hit by cybersecurity attack

Global testing, inspection and certification company Bureau Veritas has been hit by a cybersecurity attack, leading to complaints by clients in South Africa about the lack of service they are receiving from the company.

Bureau Veritas, which in 2017 invested several million euros in South Africa to expand its presence in the country, confirmed that its cybersecurity system detected a cyber attack on November 20, resulting in all the group’s cybersecurity procedures immediately being activated.

Sal Govender, vice president Southern Africa for Bureau Veritas Testing & Inspections SA, shared two media statements with Moneyweb that were apparently sent to the media globally and were also shared “with all our customers and clients”.

However, a Bureau Veritas client, who did not want to be named, said: “They were not shared with any customers I know, that’s for sure.”

The client told Moneyweb about 10 days ago that he had been trying for the past three or four weeks to get an invoice and a certificate of compliance (COC) from Bureau Veritas for goods he was exporting to Zimbabwe.

Read: South African enterprises can’t ignore the risk of cyber attacks

He said Bureau Veritas has been doing virtual inspections since the Covid-19 pandemic and the virtual inspection of his goods was done and he was sent an inspection certificate, which he had signed off.

Hands tied

“But the next step is to get an invoice for their inspection. Then they give you a clearance certificate and only then can you export your goods. If you get to the border without a certificate, they won’t let you through,” he added.

“I sent about 30 emails to the lady who was supposed to be handling my file to get my stuff to Zimbabwe but she just didn’t answer or is not looking at her computer or can’t see her computer, I don’t know.

“I must have phoned 20 different cell phone numbers [without them being answered] and phoned the office number, which rang for in excess of an hour,” he claimed.

Read: Understanding Popia and its impact on cybersecurity

“I just left my phone on my desk and let it ring. For the first half an hour, they said I was No 2 in the queue and for the second half an hour, I was No 1 in the queue. But they didn’t answer that phone call and eventually I just had to put it down,” he said.

The woman who runs the freight company the client uses then managed to get hold of someone at Bureau Veritas and “after much fighting and screaming by me, my customers and my freight company in South Africa” they eventually gave him the COC for the goods this past Saturday morning.

Disaster plan?

The client said he understands that things can go wrong but stressed that somebody needs to come back to you to tell you what is happening.

Clients were however ignored, which is the problem.

He added that a company the size of Bureau Veritas surely must have a disaster plan so that when they have a computer problem “the whole world doesn’t just stop”.

‘Preventive decision’

Bureau Veritas said a preventive decision was made in November to temporarily take its servers and data offline to protect its clients and the company while further investigations and corrective measures were in progress.

It confirmed that this decision generated a partial unavailability or slowdown of its services and client interfaces but said it had deployed its own teams, supported by leading third-party IT experts, to ensure business continuity and minimise disruption to its clients, employees and partners.

In an update on the cybersecurity attack released on December 2, Bureau Veritas said that thanks to its cybersecurity system preventive and contingency measures, all of the group’s businesses have been able to continue operating.

“As of today, more than 80% of our operations are running at a normal level,” it said.

However, the company said some regions still have IT systems running at a reduced rate and it continues to have preventive measures in place to protect its clients and their IT assets.

“The company expects to recover most delayed activities in a short period of time,” it said.

“We are evaluating any potential impact. We would like to thank our clients for their continuous cooperation and trust.”