Supplier denies police allegations that it placed malware in IT systems

Police have alleged in a legal letter to a supplier, which shut them out of critical IT systems last week, that malware had been installed into the software rendering it impossible for the State to use. 

Last week, police supplier Forensic Data Analysts (FDA) shut down three police IT systems which dealt with evidence management, the firearm permit system, and investigation tracking. They said the shutdown was the result of non-payment for services rendered in the past five months. 

READ: Police, SITA halt court process against FDA over access to IT systems

In the legal letter to FDA and related company Investigative Software Solution (ISS), the police and the State Information Technology Agency (SITA) said that, while the State had succeeded in reinstating the police's access to the Property Control and Exhibit Management (PCEM) and Firearm Permit System (FPS), they had allegedly established that malware and bugs had been placed in the software "in an apparent attempt to prevent our clients from successfully restoring their accesses and utilisation of the systems". 

It was because of this, the letter stated, that the application SITA and SAPS had placed before the North Gauteng High Court in Pretoria, and which was supposed to be heard on Thursday, would be removed from the urgent roll. 

The letter also indicated the police and SITA found it unnecessary to hold a discussion, as proposed by FDA in an earlier legal letter. 

'Physical contact'

The letter also stated that, as far as the investigative software VA-Amis was concerned, the police did not feel it appropriate that ISS should be allowed remote access to the system because of the alleged malware placement.

VA-Amis helps track different crimes committed by the same suspect. ISS had requested the reinstatement of the software for the police. They proposed that a representative from ISS gives the State instructions on how to do this.

"We emphasise that under no circumstances, shall any representative of your client be allowed to come into physical contact with our client's systems," the letter said.  

Director of FDA and ISS, ex-police-officer-turned-businessman Keith Keating told News24 that the allegation that they had installed malware on the systems was a "blatant lie". 

Forensic Data Analysts is run businessman Keith Keating. (File, Jan Gerber, News24)

"If that was the case, then why did they proceed to activate the system and allow the users to use the system? Any malware and bugs would have destroyed the chain of custody," Keating said. 

He said the company had served the police for 20 years and would never place malware or bugs in the software. 

Keating said that SITA and SAPS did not want to go to court "because they know what is going to happen to this entire matter".

Referring to the State's papers in the urgent application, which was withdrawn before it was heard, Keating said it was strange that SITA admitted that applications were critical. It was also revealed that the total amount paid to Keating's companies since 2005 was R1.2bn and not the R5.9bn purported by the Independent Police Investigative Directorate (IPID).

In the State’s application, an affidavit by Vincent Mphaphuli, SITA's head of legal services, contained contracts between the State and FDA as well as ISS, which they said showed that the IT system's software was paid for. 

'Lack of evidence and the public confidence'

Mphaphuli's affidavit explained that the contingency plans police had in place when the systems were shut down consisted of paper and pen, where police would manually record the movement of evidence and firearms. 

"Although SAPS has implemented urgent temporary contingency measures to ensure that the criminal justice system and law enforcement capabilities do not immediately and completely collapse, these will only suffice for a very limited period," Mphaphuli said. 

He said the paper and pen method was only capable of being implemented for a very short period "before they become entirely unwieldy and begin to collapse". 

Mphaphuli said SAPS staff had already encountered severe difficulties in locating evidence since the disruption to the system.

READ: Battle between police and IT supplier heads to court

"The reasonably possible or likely consequence of this is that many criminal cases will be thrown out for lack of evidence and the public confidence in the justice system will diminish," the affidavit read. 

Mphaphuli's affidavit also referred to the threat of malware. He said that, while the police were exploring lawful means to restore the PCEM system on their own there was concern "that malicious code may have been embedded in the programme that can be invoked should the SAPS attempt to restore the system without FDA's involvement". 

"FDA and Keating have gone far beyond simply withdrawing support and maintenance resources for the systems – they have actively and intentionally blocked access to systems for which SAPS and SITA have already paid licences, alternatively which they own," he said.  

Police had not responded to queries about the malware at the time of publication.

KEEP UPDATED on the latest news by subscribing to our FREE newsletter.

- FOLLOW News24 on Twitter

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24
Lockdown For
Voting Booth
When a Covid-19 vaccine for under 16's becomes available, will you be taking your children to get it?
Please select an option Oops! Something went wrong, please try again later.
Yes, immediately!
37% - 2362 votes
I'll wait to see how others respond
27% - 1704 votes
No, I don't think they need it
37% - 2364 votes
Brent Crude
All Share
Top 40
Financial 15
Industrial 25
Resource 10
All JSE data delayed by at least 15 minutes morningstar logo