printer friendly version

SA’s industrial challenge

As South African business and industry is increasingly connected to the rest of the world through the cloud, whether it’s for operations or manufacturing, local enterprises need to consider the less desirable consequences of being connected to colleagues, suppliers and services providers all over the world: vulnerability to cybercrime.

While many tend to think that only ‘office’-based computing systems are vulnerable to attacks from malevolent actors, the rapidly increasing uptake of artificial intelligence, machine learning and the Internet of Things in manufacturing makes production facilities just as vulnerable.

While these technologies offer the benefits of remote support, preventive and just-in-time maintenance reporting and company-wide visibility into production status, many local organisations are having to adapt legacy operating systems and ‘plug’ them into the cloud, to achieve the economies of scale required by their parent organisations.

These legacy operating systems are often no longer supported by their original vendors and manufacturers are often hard pressed to keep controls on their budget and want to sweat their assets for as long as possible.

Carlo Bolzonello.

Ransomware and IP theft

Neglecting to take a comprehensive and wide-ranging approach to cybersecurity in manufacturing leaves industrial companies open to two types of attacks: ransomware and the theft of intellectual property.

Ransomware often enters the organisation through a seemingly innocent route – often a ‘recruiter’ offering employment, or a ‘researcher’ conducting a survey that requires an exchange of information. Ransomware mercenaries use these interactions to install malware that hobbles or halts production and much like in a kidnapping, hold the system ransom until a fee is paid.

When losses in production amount to hundreds of millions of dollars a day, it’s often quicker and easier for businesses to just pay the ransom to have control of their facilities returned – but they can seldom be confident of the integrity of their environment going forward and they’ve let the malevolent actor know that they are a potential repeat target.

Intellectual property theft is most often a slow, methodical type of attack that frequently goes unnoticed until a business notices that its competitors have gained access to product design or other information that previously gave them a competitive edge. It’s not always competitors that are guilty of this kind of cybercrime – there are cyber mercenaries for hire who first research their target, reading publicly available reports and identifying opportunities to access information that can be sold to the highest bidder.

The complexity of attacks continues to evolve and with many nation states adopting a ‘blind eye’ approach to cyber law enforcement, it’s difficult to trace cyber criminals and even more challenging to prosecute and convict them.

Visibility and control

It’s clear that enterprise cybersecurity demands have never been greater and that protecting a business’s people, technology and operations from cybercrime requires the input of a trusted cybersecurity advisor. Having the right security solutions in place and building out a cybersecurity strategy to protect what matters most to operations, needs to be a priority.

Choosing the right security products can give businesses visibility and control over data and threats across public, private and hybrid cloud environments, including data loss prevention, remote browser isolation and zero trust network access.

It’s more important than ever to have a set of consistent data loss prevention policies that protect data in the cloud, on corporate endpoints and on unmanaged devices, which have become more ubiquitous since the Covid-19-inspired move to remote working. That’s why it’s important for a security solution to offer seamless integration, providing a frictionless protection experience across multiple environments.

While South Africa may feel geographically far from some of the nations that experience the greatest number of cyber-attacks, global connectivity means that local businesses are just as vulnerable as their counterparts abroad. It’s even likely that they are more vulnerable due to the perception that cyber-attacks and ransomware incidents are location-based. The truth is that they are not – attacks follow the money and attackers are slick professionals that are digital guns for hire, indiscriminate in who they target to achieve their goals.

Share this article:

Further reading: