The 4th Industrial Revolution

July 2019 Editor's Choice, Information Security, Security Services & Risk Management, Industrial (Industry)

When one thinks of the word ‘revolution’, images of armed insurgents attempting to overthrow an incumbent government or system invariably springs to mind. Adding the word ‘industrial’ changes the image to one of technological change. Today, however, the two meanings are becoming increasingly intertwined and the future vision is increasingly worrying.

Craig Rosewarne.
Craig Rosewarne.

A quick preview of preceding revolutions puts things into perspective:

First Revolution – The invention of the steam engine in 1760 powered new manufacturing processes leading to the creation of factories and industry.

Second Revolution – Mass production in new industries such as steel, oil and electricity coupled with key inventions including the telephone, light bulb and internal combustion engine.

Third Revolution – Also known as the ‘Digital Revolution’ after the introduction of the semiconductor, personal computer and Internet.

Fourth Revolution – Due to the fact that our physical, biological and digital world is shrinking rapidly due to rapid advancements in technology, a conflict of interests relating to ideology, supremacy, financial, etc. will occur. Cyber warfare is already taking place and a major attack vector are countrys’ industrial sectors. With every attack comes the need for defence, but are we ready?

Technology: good and bad

Most major industries have turned to and are reliant on technology to run their operations. This is a time of great promise, but also one of frightening peril. Cyber technology can both help save lives or cause irreparable harm and in a combination of the two, depending on whose side you’re on, both.

Some notable cases of cyberattacks against industry have included:

Stuxnet – In the early 2000s, Iran began to flex its nuclear muscle as it sought to counter the threat that Israel posed by possessing nuclear weapons. A uranium processing plant began enriching uranium at a plant supplied by America in the 1950s, when Iran was still a regional ally. The West and Israel had two options, go to war or allow Iran to complete its plan, which it claimed was for humanitarian purposes. A third proposal was then put forward, the use of cyber technology to destroy or at least delay the enrichment.

The problem was that the plant’s computer systems were air-gapped and only a few key personnel had access to them. The solution was simple, the old Greek Trojan Horse. USBs containing malicious code were left near the cars of the key scientists and sure enough, one was picked up and inserted into his laptop and then transferred to the main system.

The targets were the centrifuges (simply put, giant ‘spin driers’) rotating at 100 000 rpm which extracted purer forms of uranium. Stuxnet caused these centrifuges to speed up without showing it in the control rooms. They eventually tore themselves to pieces, delaying Iran’s plans long enough (along with sanctions) to bring them to the negotiating table.

German blast furnace – In 2014, a German steel mill’s blast furnace was hacked causing the electronic doors not to seal properly. The damage was enormous. This form of attack is known as an Advanced Persistent Threat (APT) where attackers infiltrate the system and gather information over a period of time. When weaknesses are found, they strike.

Ukrainian power grid – This is one of the first major attacks, again using a Trojan, that affected a large portion of the populace in Western Ukraine. This attack has given us a taste of the potential consequences that cyber-attacks can have on industrial sites and the roll-on affect to consumers.

We now have the Industrial Internet of Things (IIoT)

How safe is South Africa’s industrial and critical infrastructure? Sad to say, we are woefully unprepared for any major cyber incident and have thankfully not (yet) been targeted in a major attack. Koeberg, our only nuclear power station, has been around for 35 years and has suffered its fair share of shutdowns and mishaps, mostly due to human negligence and sabotage. Total estimated costs due to outages is around R 2 billion.

Our financial and retail industries have been hit fairly hard recently, but the main motivation here appears to be exfiltration of data and financial gain via ransomware attacks. Attacks against industrial targets are normally carried out by nation states, hacktivists (opposition groups, environmentalists, etc.) or even individuals with an axe to grind. With the outcry surrounding our state capture commission, people in power are turning a blind eye to a far greater threat of a major cyber incident against industrial and critical infrastructure.

What can be done to protect us? According to security group Sentryo, the approach of teams in charge of ICS cyber security must overcome five key constraints:

• Take into account physical processes*.

• Using technology specially designed for industrial environments.

• Mapping installations and analysing risks: an inventory of all material installations, critical systems and applications – this enables us to identify each weakness, the needs as well as the objectives when faced with threats.

• Placing actors, who are often unaware of the risks and thus responsible for a large part of incidents, at the heart of the security process – it is essential to promote rules of good computer hygiene, especially when it comes to access, login details or even the use of a simple USB flash drive.

• Engage actively in intelligence to stay up-to-date with the threats and vulnerabilities that are unique to the ICS sector.

o *Include skills in security and industrial process control.

o Adapt intrusion tests and security assessments for ICS in order to avoid interfering with physical processes.

o Adapt measures for detecting intrusions in order to take into account attacks that target physical processes (for example Stuxnet or CrashOverride). https://www.sentryo.net/specific-challenges-industrial-cybersecurity/)





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

SMARTpod talks to The Risk Management Forum
SMART Security Solutions Editor's Choice News & Events Security Services & Risk Management Videos Training & Education
SMART Security Solutions recently released its first SMARTpod podcast, discussing the upcoming Risk Management Forum Conference 2024, which will be held on 26 September 2024 at the Indaba Conference Centre in Fourways, Johannesburg.

Read more...
There is a SaaS for everything, but at what cost, especially to SMEs?
Editor's Choice Information Security Security Services & Risk Management
Relying on SaaS platforms presents significant cybersecurity risks as the number of providers in your landscape increases, expanding your attack surface. It is important to assess the strength of the SaaS providers in your chain.

Read more...
New State of Physical Access Control Report from HID
HID Global Editor's Choice Access Control & Identity Management News & Events
HID released the 2024 State of Physical Access Control Report, identifying five key trends shaping access control's future and painting a picture of an industry that has been undergoing considerable transformation.

Read more...
Addressing today’s mining challenges: cyber risks beyond IT
Editor's Choice Information Security Mining (Industry)
Despite the mining industry’s operational technology systems being vulnerable to cyberattacks, many decision-makers still see these threats as purely an IT issue, even though a breach could potentially disrupt mining operations.

Read more...
Workforce Consortium to reskill 95 million people
Editor's Choice News & Events AI & Data Analytics
ICT Workforce Consortium of global leaders has come together, committing to train and upskill 95 million people over the next 10 years, as 92% of jobs analysed are expected to undergo either high or moderate transformation due to advancements in AI.

Read more...
How to effectively share household devices
Smart Home Automation Information Security
Sharing electronic devices within a household is unavoidable. South African teens spend over eight hours per day online, making device sharing among family members commonplace. Fortunately, there are methods to guarantee safe usage for everyone.

Read more...
How is technology changing the industry?
Editor's Choice
SASA and the International Code of Conduct for Security Providers Association (ICoCA), a Geneva-based organisation, will hold a consultative workshop in South Africa in September to discuss how technology is changing the industry and the associated risks.

Read more...
Innovation and security go hand in hand
Technews Publishing Facilities & Building Management Security Services & Risk Management
In a world where the demand for tech innovation is matched only by the acceleration of cybersecurity threats, businesses face the challenge of balancing new product development and robust security measures.

Read more...
Fortinet establishes new point-of-presence in South Africa
News & Events Information Security
Fortinet has announced the launch of a new dedicated point-of-presence (POP) in Isando, Johannesburg, to expand the reach and availability of Fortinet Unified SASE for customers across South Africa and southern African countries.

Read more...
New tools for investigation and robust infrastructure security
News & Events Information Security
Cybereason continues to enhance its security platform, with recent updates introducing improvements in file search operations, investigation query results, and cloud workload protection, providing more granular data and faster key artefact identification.

Read more...