Home affairs IT infrastructure is an open book to skilled hackers – and even the not-so-skilled, warn IT experts. Cybersecurity operation Scarybyte chief executive Karim Jaber said detailed data of government IT infrastructure is also available on publicly accessible websites intended for mapping exposed infrastructure worldwide. This is known as "enumerated" data.

In hacking, enumeration means gathering detailed information from a server, such as usernames, open ports, or software versions. Hackers use this process to identify weak points or areas they can exploit to gain access to a system.

Jaber said the information disclosed includes details about technology used, subdomains, IP addresses, and open ports.

This is vital information that attackers can use during the early stages of a cyberattack to identify weaknesses and plan their approach.

A whistle-blower from home affairs corroborated this assessment, noting that while some firewalls exist at home affairs, they constitute a single or partial layer of defence.

Jaber added a unified set of controls is required to secure infrastructure and data effectively.

He estimated at least 30% of the enumerated vulnerabilities discovered by the hacker and shown to him are highly exploitable for whatever use a hacker may want.