SA’s industrial challenge

SMART Cybersecurity Handbook 2022 Industrial (Industry)

As South African business and industry is increasingly connected to the rest of the world through the cloud, whether it’s for operations or manufacturing, local enterprises need to consider the less desirable consequences of being connected to colleagues, suppliers and services providers all over the world: vulnerability to cybercrime.

While many tend to think that only ‘office’-based computing systems are vulnerable to attacks from malevolent actors, the rapidly increasing uptake of artificial intelligence, machine learning and the Internet of Things in manufacturing makes production facilities just as vulnerable.

While these technologies offer the benefits of remote support, preventive and just-in-time maintenance reporting and company-wide visibility into production status, many local organisations are having to adapt legacy operating systems and ‘plug’ them into the cloud, to achieve the economies of scale required by their parent organisations.

These legacy operating systems are often no longer supported by their original vendors and manufacturers are often hard pressed to keep controls on their budget and want to sweat their assets for as long as possible.

Carlo Bolzonello.

Ransomware and IP theft

Neglecting to take a comprehensive and wide-ranging approach to cybersecurity in manufacturing leaves industrial companies open to two types of attacks: ransomware and the theft of intellectual property.

Ransomware often enters the organisation through a seemingly innocent route – often a ‘recruiter’ offering employment, or a ‘researcher’ conducting a survey that requires an exchange of information. Ransomware mercenaries use these interactions to install malware that hobbles or halts production and much like in a kidnapping, hold the system ransom until a fee is paid.

When losses in production amount to hundreds of millions of dollars a day, it’s often quicker and easier for businesses to just pay the ransom to have control of their facilities returned – but they can seldom be confident of the integrity of their environment going forward and they’ve let the malevolent actor know that they are a potential repeat target.

Intellectual property theft is most often a slow, methodical type of attack that frequently goes unnoticed until a business notices that its competitors have gained access to product design or other information that previously gave them a competitive edge. It’s not always competitors that are guilty of this kind of cybercrime – there are cyber mercenaries for hire who first research their target, reading publicly available reports and identifying opportunities to access information that can be sold to the highest bidder.

The complexity of attacks continues to evolve and with many nation states adopting a ‘blind eye’ approach to cyber law enforcement, it’s difficult to trace cyber criminals and even more challenging to prosecute and convict them.

Visibility and control

It’s clear that enterprise cybersecurity demands have never been greater and that protecting a business’s people, technology and operations from cybercrime requires the input of a trusted cybersecurity advisor. Having the right security solutions in place and building out a cybersecurity strategy to protect what matters most to operations, needs to be a priority.

Choosing the right security products can give businesses visibility and control over data and threats across public, private and hybrid cloud environments, including data loss prevention, remote browser isolation and zero trust network access.

It’s more important than ever to have a set of consistent data loss prevention policies that protect data in the cloud, on corporate endpoints and on unmanaged devices, which have become more ubiquitous since the Covid-19-inspired move to remote working. That’s why it’s important for a security solution to offer seamless integration, providing a frictionless protection experience across multiple environments.

While South Africa may feel geographically far from some of the nations that experience the greatest number of cyber-attacks, global connectivity means that local businesses are just as vulnerable as their counterparts abroad. It’s even likely that they are more vulnerable due to the perception that cyber-attacks and ransomware incidents are location-based. The truth is that they are not – attacks follow the money and attackers are slick professionals that are digital guns for hire, indiscriminate in who they target to achieve their goals.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

210 million industrial endpoints secured by 2028
News & Events Information Security Industrial (Industry)
A new study by Juniper Research has found that there will be growth of 107% over the next five years in the number of industrial endpoints featuring cybersecurity protection.

Growing cyber threats to SA’s critical infrastructure
News & Events Information Security Industrial (Industry)
The increasing reliance on digital infrastructure makes critical sectors like utilities more susceptible to cyber threats. This concern has been highlighted by Kaspersky's recent discovery of a new SystemBC variant that has targeted a South African nation's critical infrastructure.

Smart manufacturing redefined
Hikvision South Africa Surveillance Industrial (Industry)
AI and intuitive visualisation technology allows managers to monitor manufacturing sites, production, and operational processes, and to respond in real time in the event of an issue – helping to drive efficiency and productivity.

CHI selects NEC XON as trusted cybersecurity partner
News & Events Information Security Industrial (Industry)
CHI Limited, Nigeria's leading market player in fruit juices and dairy products, has engaged in a strategic cybersecurity partnership with NEC XON, a pan-African ICT systems integrator.

Edge technology can transform manufacturing in South Africa
Axis Communications SA Surveillance Integrated Solutions Industrial (Industry)
Aligning South African manufacturing more closely with this global shift to edge technologies could take manufacturing in the country to a new level, says Axis Communications’ Rudie Opperman.

Edge AI and managing risk in the cloud
Industrial (Industry) Infrastructure
As organisations see greater volumes of data generated from their operations. It is understandable and imperative that this data is leveraged to generate more value and increase insight that help operations and asset integrity managers ‘do more, better’.

Supporting local manufacturing
Industrial (Industry) Infrastructure
Smart Security asked Esenthren Govender, Solutions Executive at Technodyn for insight into how the company supports local manufacturing organisations to optimise their business.

New algorithm for OT cybersecurity risk management
Industrial (Industry) Information Security News & Events Commercial (Industry)
OTORIO’s new risk management model and attack graph analysis algorithm technology, calculates OT cybersecurity threats and provides risk mitigation actions, prioritised according to actual exposure and potential impact on operations.

The role of AI in industrial plants
Industrial (Industry)
The average modern industrial plant uses less than 27% of the data it generates, but industrial AI can play a major role in identifying patterns and making process predictions through new software platforms that simplify convergence and analysis of OT/IT/ET data.

Addressing the SCADA in the room
Industrial (Industry) Information Security IoT & Automation
Few other sectors command the breadth of purpose-built and custom devices necessary to function, as the industrial and manufacturing industries. These unique devices create an uncommon risk that must be assessed and understood to fully protect against incoming attacks.