Owing to the Covid-19 lockdown initiatives currently being rolled out in many countries, and the interruption that comes with them, many businesses believe that they may have to deal with an industrial control systems (ICS) cyberattack, says cybersecurity solutions provider Kaspersky Africa’s enterprise sales manager Bethwel Opil.
An ICS is a collection of personnel, hardware and software that can affect or influence the safe, secure and reliable operation of an industrial process.
“In an Industry 4.0-driven world, most noncritical industrial networks are accessible through the Internet. This means industrial computers are exposed to the same malware that affects business systems.”
He points out that ransomware has been identified as a rising threat in the ICS market. The big difference is that, instead of targeting data, these attacks focus on causing high impact and damage to critical systems that disrupt operations or block access to critical assets.
“For example, in South Africa, our research shows that more than 43% of ICS devices were attacked in the second half of last year. The focus was on the energy segment, with 48.3% of attacks, and the manufacturing segment with 30.4% of attacks,” he says.
Further, threats to ICS do not necessarily have to revolve around malware. They can also include human error, fraudulent actions, cybersabotage, compliance issues and a lack of awareness of the associated risks.
To effectively manage all these risks, he notes that industrial companies should use ICS-focused cybersecurity solutions while remaining cognisant of the need to continuously educate employees.
Opil says ensuring that all software in the organisation is updated regularly is one of the additional measures that can be taken.
“Minimising or eliminating the potential human-error aspect of cybersecurity in an industrial company requires the business to consider building a human firewall. This is achieved through the right security awareness and training solutions that go beyond basic training. Using training that is easily digestible, practical and memorable will ensure that security awareness stays top of mind,” he explains.
Moreover, companies must ensure that staff are armed with the latest skills and knowledge, especially when considering how quickly cyber incidents evolve.
Opil adds that, to avoid widespread threats and attacks, everyone in a business should know how to identify obviously malicious websites, as well as malware that asks a user to update software.
“Personnel who have access to sensitive information and business-critical systems should be given more advanced training and learn to recognise personalised fake emails that may be of a malicious nature that could cause massive destruction,” he states.
Fortunately, some solutions providers, such as Kaspersky, can combine threat intelligence, machine learning and human expertise to support more agile protection against any of these threats, says Opil.
Kaspersky offers training courses designed for cybersecurity experts, operational technology managers and ICS operators. For example, participants gain insight into the relevant cyberthreats, their developmental trends and the most effective methods of protection against them during the course in advanced industrial cybersecurity in practice.
Skills development courses also enable security professionals to further develop their skills in specific areas, including ICS penetration testing and digital forensics.
To increase awareness of relevant industrial cybersecurity issues and foster the skills needed to address and resolve them, Kaspersky offers training games for security managers and engineers.
ICS cybersecurity is not a fire-and-forget approach – it requires continuous development, monitoring and adapting to current market developments to help ensure that systems and operations are kept safe, Opil concludes.