The manufacturing sector was second only to the finance industry in terms of the most cyberattacks recorded in any sector in the Middle East and Africa (MEA) region in 2016, information technology (IT) services multinational Dimension Data’s ‘Global Threat Intelligence Report for 2017’ reveals.
The mining and manufacturing sectors are becoming increasingly vulnerable to cyberattack, as operational technologies are at risk, Dimension Data Security Solutions MEA executive Sean Duffy said in a statement on Friday.
Manufacturing featured among the top three most targeted sectors for five out of the six global regions surveyed for the report. Particularly concerning for South Africa was that 21% of all Internet of Things attacks originated in the MEA region in 2016.
With digital transformation on the rise, organisations are deploying applications and devices that interact with business operations to enhance business outcomes.
For mining and manufacturing, this means connecting IT and operational technology systems securely into one enterprise network to enable boundless information flow for real-time, informed decisions.
The move from isolated devices to Internet-enabled platforms that can communicate with each other creates entirely new cybersecurity risks. Critical systems are now exposed and vulnerable to IT attacks and Distributed Denial of Service attacks, Duffy explained.
“When connecting the digital and physical worlds, new data sources need to be considered as both a source and target of an attack. While in the past cyberattacks have been largely focused on confidential information, we are now seeing a shift towards attacks on the availability and security of IT.”
This is particularly relevant in the operational technology environment, where an attack on the technology can bring an organisation to a standstill. Critical services are all controlled through automation and operational technologies, and the impact on their availability has an adverse effect on consumers of these services or processes.
It is critical that operational technology forms part of an enterprise cybersecurity strategy. This will enable manufacturing organisations to leverage new capabilities, while ensuring that they have implemented the required measures to protect their operational technology environment and prevent it from becoming the soft target of a cybersecurity attack.
“The nature of the threats necessitate a new approach to securing operational technology environments,” Duffy emphasised.
Most operational technology was introduced into mines 20 or 30 years ago when there was little risk of a cyberattack. The result is that the necessary IT systems to prevent cyberattacks simply were not put in place.
This includes failing to introduce measures to authenticate the traffic between the various devices contained in the plant and the logical security application of segmenting networks.
It is, therefore, necessary to understand what the impact on the business would be should its operational technology environment come under attack and what the cybersecurity requirements are to prevent such attacks.
“These security measures must include the discovery of elements that form part of the operational technology network, build and design based on security principles, controls for segregation, monitoring, access control and endpoint protection,” said Duffy.
Further, penetration tests should also be run to uncover cybersecurity gaps, allowing for advice on technical solutions to cover those gaps, and assisting manufacturers to implement controls to manage their entire IT security.