https://www.engineeringnews.co.za

Cybersecurity must be managed at board level, urges Gautrain boss

30th October 2018

By: Irma Venter

Creamer Media Senior Deputy Editor

     

Font size: - +

Cybersecurity must be managed proactively at board level, says Gautrain Management Agency (GMA) CEO Jack van der Merwe.

“It must be led by senior management and assured by corporate governance. It is a line function and not a staff function.”

The GMA was the subject of an attempted hack in 2014, when an IT technician working at the agency attempted to steal R800-million from the rail company.

GMA IT security officer Henry Denner notes that the average cost of a mere data breach currently comes to around R36.5-million.

The cybersecurity landscape has changed, he adds, with an increase in the number of cyberattacks.

Often the threat comes from the inside, with money the motivation behind the attack.

Denner says it is estimated that around 80% of all successful attacks are aided by insiders.

Email also remains a problem, with an estimated 77% of attacks starting with an email, and 92% of malware delivered via email.

“Cybersecurity has to evolve. It is no longer business as usual.”

One example of the many threats that exist today is Silver Terrier. This group of around 100 individuals in Nigeria specialises in business email compromise attacks.

They average around 17 600 email campaigns a month. They focus on financial targets, specifically supply chains and accounts.

Silver Fox tricks victims into changing account and banking details, and paying falsified invoices.

Another example is the STUXNET worm, which, in 2010, successfully targeted Iran’s nuclear programme.

The attack was able to destroy up to one-fifth of the country’s nuclear centrifuges and set its nuclear programme back by a decade.

The 500 kb worm was distributed via USB drive.

More recently, a 2016 attack on the San Francisco Metro system saw a ransomware attack delivered through email.

The attack targeted the station faregate and ticketing systems, causing ticket kiosks to shut down. This resulted in the metro system operating for free for a weekend.

A ransom of more than $73 000 was demanded for the release of the system, says Denner.

Ransomware infects a computer and encrypts all the data on its storage drives while spreading to any other vulnerable computer connected to it. It typically starts when someone opens an infected email attachment or downloaded file, spreading through any computer networks.

Once the data is encrypted, the user is locked out of the computer and a ransom note is displayed promising to decrypt and release the data in exchange for money.

An example of a different type of ‘attack’ is a group of universtiy researchers who, in 2017, figured out how to hack a self-driving car by putting stickers on street signs, says MapIT’s Etienne Louw.

The researchers analysed image classification algorithms used by vision systems in self-driving cars, and then visually manipulated street signs, using stickers, to trick the vision system of an autonomous cars into reading a stop sign as a 45 mph sign instead.

Van der Merwe says that cyber security is a current and growing challenge that public transport organisations must recognise, especially in light of the “unprecedented pace and complexity of cyberattacks, as well as the increasing digitisation of the sector”.

As a last word, he notes that a 12-year-old today has a 70% chance of working in a job that does not exist today.

* Van der Merwe, Louw and Denner spoke at an Intelligent Transport Society of South Africa workshop on Transport Data and Cybersecurity.

 

Edited by Creamer Media Reporter

Comments

Showroom

Goodwin Submersible Pumps Africa (Pty) Ltd
Goodwin Submersible Pumps Africa (Pty) Ltd

Goodwin Submersible Pumps Africa is sole distributors for Goodwin electrically driven, submersible, abrasion resistance slurry pumps.

VISIT SHOWROOM 
Aqs image
AQS Liquid Transfer

AxFlow AQS Liquid Transfer (Pty) Ltd is an Importer and Distributor of Pumps in Southern Africa

VISIT SHOWROOM 

Latest Multimedia

sponsored by

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION







sq:0.217 0.273s - 156pq - 2rq
Subscribe Now