EXPLAINED | Why you should be concerned about President Cyril Ramaphosa's email leaks

2020-01-27 13:33
Cyril Ramaphosa (Getty Images)

Cyril Ramaphosa (Getty Images)

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

On a daily basis, the president of a country will read, receive and dispatch dozens of highly confidential communications.

Whether this be via email, secure diplomatic cable or by handwritten notes, much can be learned about how a president manages a complex machine, such as a country, from just a handful of his or her interactions with staffers and advisors.

Intelligence agencies place great stock in being able to access personal communications to prevent terrorism or other crimes. For a president, the security of communication channels is a much more serious matter, as a very real risk of a breach of national security is ever-present.

On Sunday, News24 reported that more emails from President Cyril Ramaphosa’s private and "secure" 2017 ANC presidential campaign email server, alexio.online, were handed to the publication last year.

These emails, between Ramaphosa and some of his top advisors, provide a keen insight into the operations of the presidency in the first months after he took office in February 2018.

The topics covered in the latest emails range from the wrangling around setting up meetings with foreign diplomats, Ramaphosa’s relationship with high-profile South African businessmen and even an unfiltered look at what the president privately prioritised as his most important tasks in the first months of his presidency – and some rather candid comments that could potentially be embarrassing.

'It's definitely not ethical'

News24 has elected not to publish the contents of the newly leaked emails, as they contain no major information in the public interest

A publication has to weigh up the public interest of leaked private communications against an individual’s right to privacy. In this case, the former did not outweigh the latter.

Previously, when News24 published the content of CR17 emails, the same emails relied on by Public Protector Busisiwe Mkhwebane in her report, they revealed a direct contradiction to Ramaphosa’s consistent and public denials of knowledge of who his funders were.

Ramaphosa has accused Mkhwebane in court papers of obtaining the emails illegally, and bemoaned the fact that she had never given him an opportunity to address the content of the emails.

MUST READ | Mkhwebane 'driven by reckless determination to malign' Ramaphosa, say lawyers - report

Mkhwebane found that Ramaphosa lied to Parliament when asked about a R500 000 payment allegedly made to his son Andile. The payment turned out to be a donation to the CR17 campaign by the late Bosasa CEO, Gavin Watson.

Ramaphosa took the report on review, and it is set down for February 4 and 5 in the Gauteng High Court in Pretoria.

Professor SH "Basie" van Solms, the director for Centre of Cyber Security at the University of Johannesburg, explained to News24 that every citizen should be concerned about the hacking or leaking of emails.

READ | 5 things to watch out for in Parliament in 2020

When the emails concerned belonged to the president, even more so. The leaking and hacking of emails, whether the president's or any other person's was a "massive problem" Van Solms said.

"It should not be done, and it should not be possible… it’s definitely not ethical. But it happens," he told News24. 

'Front-end intrusion'

"Everybody in South Africa, in every country, any citizen should be worried if emails are leaked. Because it concerns, right from the president as in this case, it concerns me personally, it concerns my personal information. The whole matter of emails being leaked is a big problem.

"In general, it should worry every one of us, like cyber crime should worry every one of us. The fact that the presidents email is being leaked, is maybe more serious, because one would expect that there would be better security around a server containing his email, as there may be around the server running my email messages," Van Solms added.  

ALSO READ | Mkhwebane tried to usurp power from Parliament - Tsenoli

He said you should expect your employer to protect your email security definitively, but explained that, in many cases, South African citizens and government officials simply were not well enough informed on spotting cyber security threats.

He said our authorities may be able to do a better job of informing people of the risks.

"We have a general lack of cyber security expertise in the country, in the private sector and in government."

News24 has previously reported that the CR17 emails were leaked from a server, alexio.online, that was set up and managed specifically for the CR17 campaign by Alexio Papadopulo, a shadowy cyber security consultant hired by the campaign’s security head, Wally Rhoode.

Rhoode holds the rank of major general in the South African Police Service, and was appointed to head up the Presidential Protection Unit after Ramaphosa took office.

Papadopulo, meanwhile, has authored a report which was handed to the Hawks, showing the activity on the email server he managed. He points out that the emails were most likely obtained through a "front-end intrusion", which means a laptop or cellphone linked to the email accounts of one of Ramaphosa’s campaign managers turned advisors, was compromised.

While the first set of emails were leaked to Mkhwebane and then the media with the obvious intent of disproving Ramaphosa’s denials, the second set of emails leaked to News24 show that it is possible that the entire alexio.online server is already in the hands of the president’s political opponents.

*Do you have a tip for our investigative journalists? Send an email to tips@24.com

Read more on:    anc  |  cyril ramaphosa  |  cr17  |  politics

Inside News24

Traffic Alerts
There are new stories on the homepage. Click here to see them.


Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.

Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.