SA’s industrial challenge

Smart Cybersecurity Handbook 2022 Industrial (Industry)

As South African business and industry is increasingly connected to the rest of the world through the cloud, whether it’s for operations or manufacturing, local enterprises need to consider the less desirable consequences of being connected to colleagues, suppliers and services providers all over the world: vulnerability to cybercrime.

While many tend to think that only ‘office’-based computing systems are vulnerable to attacks from malevolent actors, the rapidly increasing uptake of artificial intelligence, machine learning and the Internet of Things in manufacturing makes production facilities just as vulnerable.

While these technologies offer the benefits of remote support, preventive and just-in-time maintenance reporting and company-wide visibility into production status, many local organisations are having to adapt legacy operating systems and ‘plug’ them into the cloud, to achieve the economies of scale required by their parent organisations.

These legacy operating systems are often no longer supported by their original vendors and manufacturers are often hard pressed to keep controls on their budget and want to sweat their assets for as long as possible.

Carlo Bolzonello.

Ransomware and IP theft

Neglecting to take a comprehensive and wide-ranging approach to cybersecurity in manufacturing leaves industrial companies open to two types of attacks: ransomware and the theft of intellectual property.

Ransomware often enters the organisation through a seemingly innocent route – often a ‘recruiter’ offering employment, or a ‘researcher’ conducting a survey that requires an exchange of information. Ransomware mercenaries use these interactions to install malware that hobbles or halts production and much like in a kidnapping, hold the system ransom until a fee is paid.

When losses in production amount to hundreds of millions of dollars a day, it’s often quicker and easier for businesses to just pay the ransom to have control of their facilities returned – but they can seldom be confident of the integrity of their environment going forward and they’ve let the malevolent actor know that they are a potential repeat target.

Intellectual property theft is most often a slow, methodical type of attack that frequently goes unnoticed until a business notices that its competitors have gained access to product design or other information that previously gave them a competitive edge. It’s not always competitors that are guilty of this kind of cybercrime – there are cyber mercenaries for hire who first research their target, reading publicly available reports and identifying opportunities to access information that can be sold to the highest bidder.

The complexity of attacks continues to evolve and with many nation states adopting a ‘blind eye’ approach to cyber law enforcement, it’s difficult to trace cyber criminals and even more challenging to prosecute and convict them.

Visibility and control

It’s clear that enterprise cybersecurity demands have never been greater and that protecting a business’s people, technology and operations from cybercrime requires the input of a trusted cybersecurity advisor. Having the right security solutions in place and building out a cybersecurity strategy to protect what matters most to operations, needs to be a priority.

Choosing the right security products can give businesses visibility and control over data and threats across public, private and hybrid cloud environments, including data loss prevention, remote browser isolation and zero trust network access.

It’s more important than ever to have a set of consistent data loss prevention policies that protect data in the cloud, on corporate endpoints and on unmanaged devices, which have become more ubiquitous since the Covid-19-inspired move to remote working. That’s why it’s important for a security solution to offer seamless integration, providing a frictionless protection experience across multiple environments.

While South Africa may feel geographically far from some of the nations that experience the greatest number of cyber-attacks, global connectivity means that local businesses are just as vulnerable as their counterparts abroad. It’s even likely that they are more vulnerable due to the perception that cyber-attacks and ransomware incidents are location-based. The truth is that they are not – attacks follow the money and attackers are slick professionals that are digital guns for hire, indiscriminate in who they target to achieve their goals.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Preventing cyberattacks on critical infrastructure
Industrial (Industry) Cyber Security
Cyberattacks have the potential to disrupt our lives completely, and in instances where critical national infrastructure is attacked, they could disrupt the country’s entire economy, leading to loss of life and livelihoods.

Minimise the cost and impact of protest activity
Thorburn Security Solutions Security Services & Risk Management Industrial (Industry)
Strikes and protest actions are common in South Africa and businesses need to prepare for the worst while working for the best outcome that benefits all parties.

Powder coating provides durable finish
Turnstar Systems Access Control & Identity Management Industrial (Industry)
Turnstar’s powder coating line provides corrosion resistance, high-quality surface finishing and a long-term environment-friendly impact for all access control components the company manufactures.

Improving resiliency and efficiency
Industrial (Industry)
Unified power management and process automation boosts profitability and operational resilience says Dwibin Thomas, cluster automation leader at Schneider Electric.

The risks facing industrial control systems
Industrial (Industry)
Industrial control systems at risk as the share of computers attacked with miners, spyware and malicious scripts on the rise, says Kaspersky ICS CERT.

Bridging the divide between operational and information technology
Industrial (Industry)
OT-focused cyber-attacks highlight why South African utilities, manufacturers and other organisations that run industrial infrastructure would be wise to take note of the growing range of cyber threats faced by their OT systems.

Securing smart devices in OT environments
Cyber Security Security Services & Risk Management Industrial (Industry)
The Industrial Internet of Things (IIoT) gives devices a link to the Internet so that users can interact with them in realtime, draw and analyse data for statistical or predictive analysis.

Paying for experience, not assets
IT infrastructure Security Services & Risk Management Industrial (Industry)
Infrastructure as a Service (IaaS) has emerged as a feasible option that maintains crucial infrastructure such as IT, power consumption and business continuity while organisations focus on their core business.

AI-powered hardhat detection
Hikvision South Africa Industrial (Industry) CCTV, Surveillance & Remote Monitoring
Hardhats save lives, but only if people wear them. Intelligent, AI-powered hardhat cameras are helping to ensure workers in dangerous locations stay safe at all times.

Cybersecurity for operational technology: Part 3
Cyber Security Industrial (Industry)
According to a recent World Economic Report, the Covid-19 pandemic has increased our reliance on the global supply chain, while the Internet has accelerated the digitisation of business processes.