The South African Department of Home Affairs announces the removal of visa requirements for several nationalities.

Several airlines denied boarding to some international passengers on flights bound for South African airports last week, even though South Africa’s borders had reopened.

Confusion over South Africa’s entry requirements forced airlines operating flights to South Africa to refuse passage to passengers of certain nationalities, during the first few days of South Africa’s borders reopening.

SUSPENSION OF VISA FREE-ENTRY SINCE MARCH    

Visa-free entry to the Republic of South Africa, for citizens of foreign countries, was temporarily suspended at the start of the national lockdown in March.

In a document received by the Association of Southern African Travel Agents (ASATA), on 4 October, the Department of Home Affairs confirmed that visa-exemption status has been reinstated for citizens of several countries.

NATIONALITIES THAT ARE VISA EXEMPT

The letter states that the Minister of Home Affairs has reinstated visa-exemption status for citizens of the following countries, when entering South Africa:

• South Korea
• Spain
• Italy
• Germany
• Hong Kong
• Singapore
• USA
• UK
• France
• Portugal
• Iran

NATIONALS OF VISA-EXEMPT COUNTRIES ARE ABLE TO VISIT SOUTH AFRICA

The document from the Department of Home Affairs states that nationals from the 11 countries listed are free to visit South Africa provided they comply with the applicable health and hygiene protocols in place.

This comes as a result of airlines refusing carriage to passengers from certain countries when boarding flights to South Africa last week.

PASSENGERS USING SOUTH AFRICA AS A TRANSIT POINT

The document grants permission to travellers who intend using South African airports as a transit point for connecting flights to other destinations, provided health and hygiene protocols are complied with.  

The Minister of Home Affairs Dr Aaron Motsoaledi convened an inclusive meeting involving senior immigration officials and ports of entry managers to address the challenges arising from the implementation of Regulations pertaining to travel into the Republic, including opening the tourism industry and promoting trade in order to stimulate economic recovery.
The Minister of Tourism, Ms Mmamoloko Kubayi-Ngubane, was consulted prior and during the meeting and fully endorses its outcome.
The visa free status of citizens of some countries and territories was temporarily suspended at the start of the lockdown period. In line with the commitment of Government to take urgent steps to address the economic and tourism stagnation brought about by the outbreak of Covid-19, the visa free status of citizens from the following countries and territories has been reinstated:
•    South Korea;
•    Spain;
•    Italy;
•    Germany;
•    Hong Kong;
•    Singapore;
•    USA;
•    UK;
•    France;
•    Portugal
•    Iran
However, the visa free status does not alter the current Covid-19 Regulations.
The Minister has instructed officials to communicate this decision to the aviation industry, embassies and other stakeholders as a matter of urgency.
The port managers have been instructed to adhere to the SADC protocol and guidelines regulating the movement of essential goods under Covid-19 Regulations. The guidelines regulating truck drivers travelling across the border will continue to apply as has been the case for the past seven months.
In view of the confusion regarding the 72 hours negative test requirement, we reiterate that business persons providing services across the borders of SADC are allowed multiple entry subject to the following:
•    Producing a certificate of negative Covid-19 test result not older than 72 hours from the time of departure. This certificate is valid for 14 days.
Minister Motsoaledi is fully aware of the issue of airline and maritime crews and he has been informed that the Minister of Transport is resolving the matter and a statement to that effect will hopefully be issued by the Minister of Transport today.
Immigration officers will be required to assess the movement and place of origin of the traveller and not the country of origin of the airline concerned.
Transit travellers through South Africa by air will be allowed to connect to their destinations, subject to them complying with applicable health protocols but need not produce the 72 hours negative certificate.
As communicated on 30 September 2020, visa services, including submission of applications through VFS Global, have resumed in the following categories:
Visitor’s visas; study visa; treaty visa; business visa; crew visa; medical treatment visa; relative’s visa; general work visa; critical skills work visa; intra-company transfer work visa; retired person visa; corporate visa; exchange visa;  waiver of prescribed requirement, as contemplated in section 31(2)(c); and appeals or reviews contemplated in section 8 of the Immigration Act.
Any person from a country listed as having a high COVID-19 infection and transmission rate, who wish to undertake a business travel into South Africa, may, in writing, apply to the Minister of Home Affairs and demonstrate reasons for their request to enter the Republic for business purposes during the period of the national state of disaster.
 Such applications must be directed to email Covid19BusinessTravel@dha.gov.za and supported by:
a.    a copy of passport and/or temporary residence visa;
b.    proof of business activities to be undertaken in the Republic;
c.    proof of travel itinerary; and
d.    proof of address or accommodation in the Republic.
The list of high risk countries as published on 30 September 2020 is:
Albania    Honduras    Oman
Argentina    Hungary    Palestine
Armenia    Iceland    Panama
Austria    India    Paraguay
Bahrain    Iran    Peru
Belgium    Iraq    Portugal
Bolivia    Ireland    Puerto Rico
Bosnia and Herzegovina    Israel    Qatar
Brazil    Jamaica    Romania
Chile                        Jordan    Russia
Columbia    Kuwait    Slovakia
Costa Rica    Lebanon    Suriname
Croatia    Luxemburg    Switzerland
Czech Republic    Maldives    Ukraine
Denmark    Malta    UAE
Ecuador                        Mexico    United Kingdom
France            Moldova    USA
Georgia    Montenegro    Venezuela
Greece    Nepal     
Guatemala    Netherlands     
Guyana    North Macedonia     
 
The list of these high risk countries will be updated fortnightly and can be accessed via this link >>> Click here for the updated list
Immigration officers have been instructed to apply the requirements with a measure of flexibility in order to allow applications for business travel to be lodged at the ports of entry if and when necessary and await the outcome before entry into the Republic is allowed.
All other categories of travellers from medium and low risk countries are required to produce a certificate of negative COVID-19 test result not older than 72 hours from the time of departure. Any person who fail to submit the certificate will be required to quarantine at his or her own cost.
www.samigration.com

It has taken four years of legal battles – but now, if you were born in South Africa to foreign parents, you can apply for citizenship. It has been an “agonizing journey” for those who consider South Africa to be their only home.The department of home affairs’ opposition to the court bid by five adults, representing others in a similar situation, for the vindication of their rights, was dealt a death blow by the Constitutional Court last week. The court simply ruled that it would not hear any further argument on the matter.

The department had not filed its papers in time, and it had not given good reason for this. What this means for Mariam Ali, Aden Salih, Kanu Nkololo, Caroline Masuki, Murphy Nganga and any others “similarly situated” is that their previous victory in the Supreme Court of Appeal (SCA) now stands.In terms of that order, the minister must accept their applications for citizenship and make a decision within 10 days.

The SCA declared that if you were born in South Africa to foreign parents who have not been admitted as permanent residents, you qualify to apply for South African citizenship upon becoming a major – if your birth was registered and if you have lived here all your life, irrespective of the date of your birth.It also ordered the minister to enact the necessary forms to allow for such applications within one year. Pending this, he must accept applications on affidavit. The application, brought with the assistance of the Legal Resources Centre (LRC), was first set down in the Western Cape High Court.

It was argued that the centre’s clients had all complied with the Citizenship Amendment Act, which came into effect in January 2013. They were all born in South Africa to foreign parents and they had all turned 18, but their applications for citizenship under naturalisation laws were being refused.

.In that court, the minister argued that the act only applied to children born after January 2013 and could not be applied retrospectively. In fact, his lawyers argued, it did not even apply to children who turned 18 after that date but only to children born after that date.

There, the department of home affairs changed its argument. Retrospectivity was no longer an issue. Instead, it was argued that those affected should have put the minister on terms to deal with their applications and, if they were refused, they could then launch court proceedings to review and set aside the decisions.

“

.

“Despite these concessions, some 10 months later, the state decided to change its stance. We believed it was an abuse of process. They plainly had no reasonable prospects of success and again it showed a total disregard for taxpayers, who have to foot the bill for these types of vexatious proceedings.”

She said that during those 10 months, when there was no indication of any appeal, the clients had submitted their citizenship applications but they were not dealt with.

“Following the dismissal of their appeal, we will now be demanding the adjudication of those citizenship applications and we will approach the courts if necessary, should a decision not be made within 10 days, in accordance with the SCA ruling.

“Our clients have had to endure a long and painful journey to obtain citizenship, with some of them all but giving up hope of being finally accepted by a country they have grown to love – the only country they have called home.

“A large part of this agonizing journey could have been avoided if decision makers within the department of home affairs exercised reason and caution by not arbitrarily abusing the court processes to delay and frustrate the exercise of the clear and unequivocal right of these applicants.

Minister of Home Affairs v Miriam Ali and Others [2018] ZASCA 169 (SCA) (Case no. 1289/17, Supreme Court of Appeal – Court Order Date: 30 November 2018)

2.1 The matter pertains to the interpretation of section 4(3) of the South African Citizenship Act 88 of 1995 (amendment that came into effect on 1 January 2013) in which the main issue was whether or not the section applies with retrospective effect and further is the respondents (on appeal) satisfy the requirements of citizenship by naturalisation. The question was whether in the absence of Regulations, the High Court was correct in directing the Minister to accept applications on affidavits as the order encroached upon the doctrine of separation of powers.

 2.2 The Supreme Court of Appeal issued the order that:

 “The Minister shall –

3.1 Within one year of the date of this order make regulations in terms of s 23(a) of the South African Citizenship Act 88 of 1995 (the Act) in respect of applications for citizenship by naturalisation in terms of s 4(3) of the Act;

3.2 Pending the promulgation of the regulation in 3.1 above, accept applications in terms of s 4(3) South African Citizenship Act 88 of 1995, on affidavit.”.

Why has his department not fully complied with the court order?

2.3 The DHA was advised to approach the Constitutional Court (“CC”) as the Order of the SCA had the effect of encroaching upon the subordinate legislative powers of the Minister. The CC declined to hear the matter largely because the DHA delayed in launching the appeal proceedings.

Business Insider SA -  Sep 30, 2020

South Africa's borders open for all foreign travellers on Thursday, and airlines already have flights lined up.

• But there is still no list of countries for which travel restrictions will apply, based on their level of coronavirus risk.
• Transport minister Fikile Mbalula should announce that list at 15:00 – but cabinet still has to sign off on it, so it may not happen.

South Africa may release its red list, of countries for which travel restrictions apply due to their coronavirus risk, this afternoon – some nine hours before borders officially open.

But not necessarily.

His team "expect that" transport minister Fikile Mbalula will announce the list at a press conference scheduled for 15:00, his spokesperson Esethu Hasane told Business Insider South Africa, but it is not entirely in his hands.

"Cabinet is due to discuss it today," said Hasane. "If cabinet gives the green light, the minister will then announce."

President Cyril Ramaphosa announced the reopening of South Africa's borders for leisure travellers in mid-September, and immediately cautioned that there may be restrictions for travel to and from some countries, "based on the latest scientific data we can get on those countries".

There has been no indication from the government in the intervening two weeks as to what metrics may be used, how often a red list would be updated, or what kind of notice travellers would be given before any countries are added or removed from the list.

Nor has there been any official word on whether restrictions will be limited to a requirement to self-isolate on arrival, for those from high-risk countries, or whether travellers could be banned from entering South Africa entirely.

According to already in-force regulations, travellers to and from other countries on the African continent will be excluded from any such restrictions, while cruise ships remain explicitly banned from SA shores.

All travellers, including those from elsewhere in Africa, will be required to present a negative test result for the coronavirus that is less than 72 hours old, or face quarantine.

Several airlines expect to resume flights to South Africa tomorrow, including from countries with high and rising rates of infection.

www.samigration.com

A honeypot created by Cybereason to lure cybercriminals and analyze their methods showed that ransomware attacks infiltrate their victims in multiple stages.

Some types of cyberattacks are one-and-done deals where the cybercriminals get in and out quickly after infecting or compromising an organization. Other types of attacks, however, expand over a period of time as they try to impact additional resources within the organization. Using a honeypot, researchers at security firm Cybereason were able to attract multiple criminals using ransomware and follow each stage of an attack.

A honeypot is a network infrastructure built specifically to reel in cybercriminals to see how they behave and carry out a typical attack. In this case, Cybereason devised an extensive network architecture that pretended to be part of an electricity generation and transmission provider's network. As such, this honeypot contained an IT environment, an OT (operational technology) environment, and HMI (human machine interface) management systems.

More about cybersecurity

After the honeypot officially opened for business, it took only three days for cyberattackers to infiltrate the network and fill it with malware, Israel Barak, chief information security officer at Cybereason, told ZDNet. But the attack was carried out in distinct stages as the criminals carefully and stealthily forced their way from one resource to another.

In the first stage, the attackers gained initial access by exploiting publicly accessible remote administration interfaces. Such interfaces are typically designed by network operators to give technical support staff the ability to remotely connect to the network. To invade the network, the attackers were able to brute force the administrator's account password and sign in remotely. After that, the criminals uploaded and ran a PowerShell script to create a backdoor so the attackers could persistently use and abuse the admin account without being detected.

Image: Cybereason

In the second stage, the criminals uploaded more attack tools via PowerShell. One of those was Mimikatz, an open-source tool used to steal user credentials. The stolen credentials were used in an attempt to move laterally across the network to the domain controllers. However, the attempt failed as none of the compromised accounts had permission to access the domain controllers.

In stage three, the attack continued to try to move laterally by leveraging a network scanner to discover additional endpoints. Finally, in the fourth stage, the ransomware launched on all the compromised endpoints.

The ransomware attack against the honeypot shows that cybercriminals use multiple stages to infect as many machines as possible and maximize their profits. Instead of just deploying the ransomware on one system, they'll move laterally throughout the network to hit one machine after another before finally launching the ransomware.

"This finding is consistent with what we have been seeing about ransomware in particular," Javvad Malik, security awareness advocate for KnowBe4, told TechRepublic. "It is no longer a case that criminals will want to infect every machine as soon as possible. Rather ransomware, once broken in, will dial-home so the best strategy can be determined. This includes what to encrypt, the ability of the victim to pay, corrupting backups, and exfiltrating data and credentials."

Beyond just encrypting sensitive files and demanding payment from the victim, ransomware attackers are going further with their threats.

"In this whole process, ransomware is the last to be deployed because it allows the criminals to not only demand payment for the decryption key, but also demand payment to not publicly release or sell data they have exfiltrated," Malik said. "Sometimes they will use the stolen information to attack partners or try to extort customers."

To better protect your organization against ransomware attack, Cybereason serves up the following recommendations:

1. Establish cyber incident response tools and procedures across both IT and OT networks with the goal to minimize Mean-Time-To-Response. Minimizing damage and preventing an ICS (industrial control system) network from being taken offline is essentially the cat-and-mouse game being played by attackers and defenders. To keep hacking groups at bay, organizations need to minimize the time it takes to respond to a threat. This can be achieved by deploying threat hunting services around the clock.
2. Establish unified security operation center and workflows across both IT and OT environments. Operating a unified security operations center (SOC) provides visibility into the IT and OT environments because attackers are looking to use IT environments as gateways into OT environments. Some companies may already have a network operations center (NOC) monitoring the OT environment, but a combined SOC lets operators see all operations as they move through the network.
3. Design and operate with resiliency in mind. Resiliency and security can no longer be an afterthought. As new critical infrastructure systems are built and installed, legacy networks will be retired and taken offline. It is very important for next-generation systems to be built with resiliency and security in mind. The design and ongoing operation of the system must take into consideration what security threats will become commonplace in the months and years ahead.
4. Partner with experts. Be sure to partner with experts with vast knowledge of ICS threats. The public and private sector need to work together closely to protect this industry. Partner with a security company that can stay ahead of new threats and help operators address issues in real time. 
5. Test, test, test. Regular testing must be a focal point in this sector. Tabletop exercises that enable a red and blue team to role play different catastrophic scenarios and the real-time response to those scenarios is critical when having to actually have to deal with a threat in real time. Never underestimate the value of tabletop exercises in shoring up weakened defenses and helping executives understand the importance of security.

Based on the latest ransomware threats, Malik has another piece of advice for organizations:

"Even having reliable and up-to-date backups won't help," Malik said, "which is why preventing criminals from gaining a foothold is of utmost importance. The top three controls organizations can deploy would include security awareness training so that users can identify and respond to phishing attacks, MFA (multifactor authentication) to prevent credential compromise, and patching external-facing systems."

www.vsoftsystems.co.za