https://www.engineeringnews.co.za
Africa|Business|Defence|Energy|Financial|Gas|Industrial|Infrastructure|Manufacturing|Oil And Gas|Oil-and-gas|Power|SECURITY|Services|Storage|System|Systems|Technology|transport|Water|Manufacturing |Products|Solutions|Infrastructure|Operations
Africa|Business|Defence|Energy|Financial|Gas|Industrial|Infrastructure|Manufacturing|Oil And Gas|Oil-and-gas|Power|SECURITY|Services|Storage|System|Systems|Technology|transport|Water|Manufacturing |Products|Solutions|Infrastructure|Operations
africa|business|defence|energy|financial|gas|industrial|infrastructure|manufacturing|oil-and-gas|oilandgas|power|security|services|storage|system|systems|technology|transport|water|manufacturing-industry-term|products|solutions|infrastructure|operations

It can happen to you – NU and Indegy discuss threats to industrial control systems and how to protect your OT infrastructure

9th October 2019

     

Font size: - +

JOHANNESBURG – September 10, 2019 – Cybercriminals have proven that they are more than ready to strike critical infrastructure, with potential examples of cyberattacks ranging from power facilities, transport systems and manufacturing plants, to water treatment facilities and defence systems, coming to the fore. It is clear that the chances of a cyber-related operational breakdown are higher than ever before, meaning that the time to broaden our understanding of relevant cybersecurity issues for industrial control systems and operational technology (OT) is now – we need to realise that it can happen to us and how to take the necessary steps to prevent these compromises.

This is according to Barak Perelman, CEO and co-founder of Indegy, a leader in industrial cybersecurity that protects industrial control system networks from cyberthreats, human error and malicious insiders. Indegy solutions are now brought to South Africa and throughout Africa by African value-added distributor, Networks Unlimited Africa.

Perelman explains: “Indegy undertakes to protect industrial control systems from external cyberthreats, malicious insiders and human error, and all three areas of protection are just as important to our users. People are very used to thinking about the possibility of external cyberthreats, and yet we have found that the most common cyber incidents come from within an organisation. These in turn can be broken down into the malicious attack, and operational breakdowns caused by human error. Of these, human error is the most common – we are aware that industrial systems often use old technology, and this allows for more room for mistakes. As far as intentional insider threats are considered, reasons for these can range from disgruntled employees or former staff members with an axe to grind, to people wanting to earn overtime and setting up the system for failure in order to return for additional work, and thus extra payment.

“Exernal threats, including malware, are in our experience the least common cyberthreat to industrial infrastructure, but they bring the most risk potential. Human errors, which bring more delicate system failures, usually result in shorter downtime than external threats. In comparison, a well-planned cyberattack will usually cause a lot more damage, which can include physical damages, financial costs and reputational threats for the business.”

Stefan van de Giessen, General Manager: Cybersecurity at Networks Unlimited Africa, adds, “In the past decade or so, factors such as the rapid introduction of the Industrial Internet of Things (IIot) connectivity across production and supply lines, and the way in which OT is automating the modern world, have opened up new vulnerabilities for industrial infrastructure. With the boundaries between IT and OT blurring, industrial infrastructure operations are now no longer stand-alone operations, but part of the connected, online world. These new vulnerabilities to both cyberattack and also cyber error mean, in turn, that cybersecurity has become critical for these systems.” 

“Many industrial operations are running on old control systems and are very vulnerable to today’s cybercriminals,” warns Perelman. “I believe there are two main reasons why industrial technology operators are not paying more attention to cybersecurity, and these are a lack of knowledge and education around the risk to critical infrastructures, as well as the rapid pace of change.

“The cyber risk to critical infrastructure is a relatively new challenge. If we look at the situation five to 10 years ago, many of these systems were completely disconnected from the outside world – IoT technology was not yet in play and the systems were limited to operation within the company’s network. With the rapid pace of change, security operators did not always give much thought to cyber implications, and were unaware of the growing risks. This has begun changing in recent years and OT security operators now understand that their operational technologies are connected to the operation’s IT systems or main network.”

Perelman also extends a cautionary note to sovereign states, noting, “Education is key. Governments need to make sure that those in charge of industrial infrastructure in their countries are aware of the evolution of the cyberthreat landscape. Criminals today are no longer just targeting financial services – the 2015 attack in the Ukraine, when hackers took control of the country’s power grid and plunged over 225,000 homes and businesses into darkness for hours, is proof of this.

“The attack was widely regarded as being the first example of hackers shutting off critical energy systems,  and was followed a year later by another attack that cut power hundreds of thousands of residents in the country’s capital, Kiev. Governments therefore need to encourage the adoption of new knowledge in order to protect their power and water supplies, oil and gas operations, manufacturing plants, transport systems and so on.”

He believes that Africa as a region is quite vulnerable to critical industry attack, explaining, “Africa overall shows very fast adoption rates of new technology. This integration of new technology means that older facilities - once outside the reach of the internet and the world - are now open to threat. While internet-enabled communications allow for remote access and more efficiencies, the core message is the same: the risk is increased. We therefore need to bear this in mind.

“Indegy chose to partner with Networks Unlimited Africa to bring our solutions into sub-Saharan Africa, because we have found in them a local partner that is familiar with the region and its best business practices, across several key industrial markets. We were also impressed with the company’s approach, which is not only about cybersecurity, but also about guiding end users through the entire IT lifecycle, including digital adoption. In Networks Unlimited Africa we have found a partner that understands the entire landscape.”

Perelman extends a reminder that attitudes need to change. “People too often believe that ‘It won’t happen to us  – but it can. The world is used to thinking about the classic external cyberattack, and yet, when we ask our customers, ‘When did you last experience down time because of a person?’ we find that everyone has an incident to report within the last year or so, due to human error. Cybersecurity for  operational technology is not only about external attacks, but also about insider threats and human error. OT operators, companies and governments need to understand the neceissity of adopting the correct cyber security tools in order to holistically cover all eventualities,” he concludes.

To find out more about the Indegy solution, please click here, or contact Stefan van de Giessen, General Manager: Cybersecurity at Networks Unlimited Africa, at stefan.vdgiessen@nu.co.za.

About Indegy

Indegy, a leader in industrial cyber security, protects industrial control system (ICS) networks from cyber threats, malicious insiders and human error. The Indegy Industrial Cybersecurity Suite is powered by patented technology that arms security and operations teams with full visibility, security and control of ICS activity and threats by combining hybrid, policy-based monitoring and network anomaly detection with unique device integrity checks. Indegy solutions are installed in manufacturing, pharmaceutical, energy, water and other industrial organisations around the world. 

About Networks Unlimited Africa

Networks Unlimited Africa is a value-added distributor, offering the best and latest solutions within the converged technology, data centre, networking, and security landscapes. The company distributes best-of-breed products, including Altaro, Attivo Networks, Carbon Black, Cofense, Fortinet, F5, Hitachi Vantara, Indegy, Mellanox Technologies, NETSCOUT, NETSCOUT ARBOR, ProLabs, RSA, Rubrik, SevOne, Silver Peak, Tintri by DDN and Uplogix. The product portfolio provides solutions from the edge to the data centre, and addresses key areas such as cloud networking and integration, WAN optimisation, application performance management, application delivery networking, Wi-Fi-, mobile- and networking security, load balancing, data centre in-a-box, and storage for virtual machines.

Since its formation in 1994, Networks Unlimited Africa has continually adapted to today's progressively competitive and evolving marketplace, and has reaped the benefits by being a leading value-added distributor (VAD) within the Sub-Saharan Africa market.

Contacts

Networks Unlimited Africa, David Wilson, david.wilson@nu.co.za, +27 (0) 11 202 8400

icomm, Vivienne Fouché, +27 (0) 82 602 1635, vivienne@pr.co.za, www.icomm-pr.co.za

Comments

Latest News

Magazine video image
Magazine round up | 29 March 2024
29th March 2024

Showroom

Yale Lifting Solutions
Yale Lifting Solutions

Yale Lifting Solutions is a leading supplier of lifting and material handling equipment in Southern Africa. Yale offers a wide range of quality...

VISIT SHOWROOM 
Booyco Electronics
Booyco Electronics

Booyco Electronics, South African pioneer of Proximity Detection Systems, offers safety solutions for underground and surface mining, quarrying,...

VISIT SHOWROOM 

Latest Multimedia

sponsored by

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION







sq:0.635 0.701s - 247pq - 2rq
Subscribe Now