Africa-Press – Eswatini. The lack of cybercrime investigators within the police service allegedly resulted to a systematic sabotage of a R16million fraud case within the Eswatini Telecoms.
On or around August 2019, R16million was allegedly looted by a cybercrime syndicate with alleged links to the royal family and EPTC Management.
National Commissioner of Police William Tsintsibala Dlamini who was flanked by the then Eswatini Post and Telecommunications Corporation(EPTC)Managing Director Petros Dlamini subsequently addressed the media during a press conference held at the Eswatini Telecoms offices in Mbabane, saying the matter was being investigated.
But now, it has emerged that the high profile case was undermined both by political influence and the lack of cybercrime investigators within the police service.
A cybercrime investigator is responsible for gathering evidence from digital systems that can be used in the prosecution of internet-based and or cyberspace criminal activities.
Sanele Bongi Sibandze, an Information Technology(IT)expert who was employed by the Eswatini Telecoms and subsequently arrested in connection with the alleged fraud, told on Tuesday that his arrest was just a cover-up as the police and the EPTC Management knew who looted the money.
“Police invaded and raided my home, they grabbed my gadgets including routers saying I was using these gadgets to hack the EPTC systems.I was arrested and while in jail, the Management dismissed me for absenteeism because at first,I was denied bail. The truth is, I was made a scapegoat because both the police and the management knew who looted the money.I was not working with the internal systems but was responsible for connecting eSwatini citizens to the world via the internet,” he said.
When addressing journalists during the press conference,National Commissioner of Police William Dlamini acknowledged that the R16million EPTC fraud case was complicated to them as the police service.
“This is a complicated case because it involves cybercrime but we are working on it. We request the media to give the police time to do their work without any disturbance,” said the National Commissioner.
Reached for comments, Ncobile Magagula,the Eswatini Post and Telecommunications Corporation(EPTC) Spokesperson said she was on leave and referred comments to Bongani Mtshali, the Head of Corporate Affairs.
“Good day,please email your questionnaire to Head of Corporate Affairs,I’m on leave,”said the EPTC Spokesperson.
As per the directive of the Spokesperson, a questionnaire was sent via email to Bongani Mtshali, the EPTC Corporate Affairs Manager, however, he had not responded at the time of compiling this report.
An independent investigation conducted by this Swaziland News uncovered that the cybercriminals used the farming strategy by establishing a well-coordinated fraudulent payment system by linking EPTC and banking details belonging to questionable companies with alleged links to those in power and the Management.
Farming in the cybercrime context defines the hacking tactics developed and implemented gradually within a longer period,it also involves interaction with the target and normally results to organizations losing millions.
Electronic evidence in our possession suggests that on or around June 2019, the cybercriminals allegedly colluded with EPTC General Manager Finance Muzi Dlamini, at the time, the payment system of the public company was flooded with invoices and payment vouchers for suppliers who were providing services for the Telecoms Charity Cup.
Muzi Dlamini is the son of Sibusiso Barnabas Dlamini, the then eSwatini Prime Minister who died,leaving behind wealth and or assets worth over R100million.
It has been gathered that after developing a payment system and loading banking details of the questionable companies that were used as a conduit, on or around August 2019 the cybercrime syndicate subsequently transferred R16million to different accounts belonging to ‘fraudulent’ corporate entities.
Evidence analysis conducted by this publication on the EPTC payment system suggests that payments are approved by more than one person, including General Manager Finance Muzi Dlamini.
The top Management responsible for approving payments normally receive an OTP for approval whenever the accounts department transfers or make payments to suppliers.
An OTP is a On-Time-PIN code that is automatically generated and sent by a banking system via an emails or mobile device to allow a single login session or transaction.
As a result, the electronic evidence in our possession suggests that General Manager Muzi Dlamini did receive an OTP seeking approval for the fraudulent transaction and he allegedly approved different transactions for more than two(2) days.
The alleged fraud was subsequently exposed after part of the R16million was deposited into a bank account belonging to Swazi who knew nothing about the deal and decided to raise an alarm, all implicated accounts were subsequently frozen.
A questionnaire was sent to Phindile Vilakati, the Police Spokesperson, however, she had not responded at the time of compiling this report.
Reached for comments, human rights lawyer Sibusiso Nhlabatsi confirmed that police in eSwatini were not capacitated to deal with cybercrime adding that few people are convicted even on simple cases of fraud.
“Police in Swaziland are not capacitated to deal with cyber crime. Take a simple case of fraud, how many people have you seen being convicted at the High Court for fraud? Even if they can arrest someone it seems they have difficulty with the evidence and it’s analysis.The police needs to strengthen itself in fighting crime in the cyberspace,” said the highly regarded human rights lawyer.
On another note, according to the United Nations(UN) office on Drugs and Crime’s Comprehensive Study on Cybercrime, there is limited awareness among both Governments and businesses regarding the risks and potential impact of cybercrime.