IT in Manufacturing


Threat hunts for proactive cybersecurity

February 2023 IT in Manufacturing


Simeon Tassev.

Ransomware remains one of the top cyber threats facing businesses in South Africa and the world, causing financial, reputational and collateral damage. In addition, there is a growing trend toward cyber extortion, where data encrypted for ransomware purposes is then leaked to the public, or even used against individuals. Backup and recovery, while they remain essential, are no longer sufficient to protect businesses adequately against this threat.

Lucrative targets

The threat of cyberattack is real and growing, and the likelihood of businesses being attacked is increasing daily. In fact, South Africa is the second most targeted country in Africa, with ransomware among the top five cyberthreats. Public sector, infrastructure and large organisations are the most attractive targets for a number of reasons, chiefly because they have both information that is valuable and the means to pay the ransom.

The cost to benefit ratio for cybercriminals of an attack on large organisations is highest, whereas smaller businesses may be a lot of effort, with little reward, for cybercriminals. However, realistically, any business could potentially fall victim to a cyberattack, and it pays to be prepared.

Changing angles

In addition to becoming more frequent and more sophisticated, ransomware attacks have also shifted away from just encrypting the data to hold it to ransom. The entire modus operandi has changed from denying data availability to disclosing data that has been stolen. There are a number of repercussions to this, including extortion of individuals based on stolen data, reputational damage resulting from leaked information, together with compliance breaches and fines.

It also means that the approach of having a backup and restoring from a clean copy of data is no longer an effective approach to mitigating risk. Once data has been stolen, there is no way to get it back, even if a business has another copy of the data with which they can attempt to carry on business. A more proactive approach to threat prevention and detection has become critical, and threat hunts have evolved as part of this strategy.

Seek and find

Threat hunts are automated tools that proactively search for security risks on the internet, the dark web, and within an organisation’s network. Where threat detection systems will identify known threats, threat hunting looks for threats that are unknown, undetected, and unpremeditated. When potential threats are identified, an alert can be triggered so that they can be investigated further, and the appropriate action taken.

These technologies make use of intelligent software that combines next-generation technologies like big data processing, artificial intelligence, and machine learning, with human intelligence, to complement existing security solutions, add another layer into the security mix, and drive an enhanced security posture.

Prevention is better than cure

In today’s world, responding after the fact to a ransomware attack may be too late. While it remains essential to always have backup, and the ability to recover from a clean copy of data, this is no longer sufficient to mitigate the threat of ransomware. Increasingly, the data itself is being used for extortion purposes, so the goal post has shifted from reactive recovery to proactive prevention.

There are many tools available to assist with this, including threat hunting, which offers a proactive solution to preventing threats from dwelling on networks, wreaking havoc and stealing data that can then be used for nefarious purposes. Threat hunting helps organisations stay a step ahead and mitigate the growing risk from cybercrime.




Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Bringing brownfield plants back to life
Schneider Electric South Africa IT in Manufacturing
Today’s brownfield plants are typically characterised by outdated equipment and processes, and face challenges ranging from inefficient operations to safety hazards. However, all is not lost, as these plants stand to gain a lot from digitalisation and automation.

Read more...
Pioneering sustainable aviation
Siemens South Africa IT in Manufacturing
Sustainable aviation company, Dovetail Electric Aviation, has selected the Siemens Xcelerator portfolio of software to design zero-emission battery and hydrogen-electric propulsion systems for commercial aircraft.

Read more...
Revolutionising traditional DCS architecture
IT in Manufacturing
SUPCON has unveiled the world’s first Universal Control System (UCS) at the highly anticipated global product launch conference, marking a groundbreaking innovation in the automation sector. This revolutionises the concept of industrial control systems, pioneering a new era in automatic control technology.

Read more...
Advanced industrial software solutions
ABB South Africa IT in Manufacturing
Finding better ways to manage energy and manufacturing resources is a key concern for businesses in Africa right now. However, achieving this can be a complex challenge.

Read more...
Risks facing the engineering sector
IT in Manufacturing
The engineering, construction, and real estate sector is facing significant challenges in the year ahead, with natural catastrophes, fire and explosion risks emerging as the primary concerns, according to the Allianz Risk Barometer.

Read more...
African data centres: if you build it, they will come
Schneider Electric South Africa IT in Manufacturing
Africa’s data centre market is growing at an unprecedented rate, driven by a soaring demand for digital services, artificial intelligence, crypto currencies and cloud computing. This is good news indeed, as Africa’s burgeoning digital landscape also presents significant opportunities for investors, technology companies and local businesses.

Read more...
When cyber attackers are using AI, your defence needs to do the same
IT in Manufacturing
Cyberthreats have become increasingly sophisticated, thanks to the use of artificial intelligence (AI), and attacks can now be executed rapidly and scaled beyond anything a human is capable of. Add in machine learning (ML), and attacks can now adapt and evolve in real time, becoming more sophisticated and stealthier. Traditional security measures are simply no longer effective; we need to counter the offensive AI with the use of defensive AI.

Read more...
Closed-loop production chain for metal additive manufacturing
Siemens South Africa IT in Manufacturing
AMAZEMET has adopted solutions from the Siemens Xcelerator portfolio of industry software to help build its etal additive manufacturing materials and supporting post-processing equipment.

Read more...
Edge computing: Introducing AI into the factory
Editor's Choice IT in Manufacturing
As AI evolves, it is evident that the most powerful models will be cloud-based, and hosted in data centres that are beyond the control of the average business. The practical application of AI in manufacturing control and automation will only be possible if some of the computing workloads can be brought onto the plant, inside the firewall and inside the plant network.

Read more...
The magnificent seven of industrial software development
Schneider Electric South Africa IT in Manufacturing
There’s fast paced, and there’s supersonic, and the latter certainly applies to the evolution of software or, more specifically, industrial software. The last year has seen the industrial software step to the fore to take over the mundane, repetitive and sometime dangerous, allowing us to focus once again on what makes us uniquely human.

Read more...