News


From the editor's desk: The weakest link

April 2024 News


Kim Roberts, Editor.

Lately I’ve been getting an ever-increasing number of articles on cybersecurity in my inbox. It’s easy to put it on the backburner, but there is no doubt that this is a very serious problem that’s not going to go away if you ignore it. Unsurprisingly, the weakest link is people, although they usually don’t get treated as harshly as those in the game show, The Weakest Link − remember that?

We generate around 2,5 quintillion bytes of data every day, leaving us all vulnerable to data misuse, cybersecurity attacks and identity theft, both in our own lives and in the commercial and industrial world. In a recent survey of 500 security executives from 13 countries around the world, including South Africa, cybersecurity company Trellix’s ‘Mind of the CISO 2023’ report has some sobering numbers. I thought the statistics were quite interesting.

Cybersecurity incidents involving phishing were at 40%, ransomware at 36%, business email compromise at 32%, and credential stealing at 28%. The report also said that 28% of attacks were state-sponsored, meaning hacking syndicates backed by hostile states, while 24% were inside jobs. The leading cause of major cybersecurity incidents was password misuse at 56%, followed by insider threats at 44%, supply chain breaches at 40%, non-detection by existing technology at 40%, and missed vulnerabilities at 36%. These incidents led to a loss of customers, business downtime, reputational damage, regulatory penalties, and higher insurance premiums. Only 60% of the respondents were fully covered by their cybersecurity insurance.

There are plenty of examples locally. In 2020, the credit bureau Experian had a data breach that exposed the personal information of 24 million South Africans and 790 000 business entities; and the hack of TransUnion in 2022 exposed millions of South Africans to potential risk. There are more. Liberty Holdings, ViewFines and Ster-Kinekor were all attacked. The Dis-Chem cyber attack resulted in the data of over 3,6 million South Africans being compromised. I’m sure we’ve all had random emails and WhatsApps where we wondered how they got our information.

The most devastating ransomware attacks almost always begin with a simple Spear-Phishing attack to get a user with valuable credentials to click on an infected link. Of the South African companies surveyed by Trellix, 78% said they had paid a ransom of between five million and ten million dollars.

There are many technical solutions that can be put into place, but the most important barrier is your people. The key lies in strong passwords, regular training, checking your links with your end users and vendors, and not clicking on suspicious email links. A little prevention today could save you from huge problems tomorrow. As an example, I still remember my very first computer − a long time ago. It was a 64K Apple that I was ridiculously proud of, and my very first password was − password. At least that wouldn’t happen today.

At the recent MESA conference, I heard of another typical example. This was the story of a company in Abu Dhabi that was subject to a cyber attack. On the first two tries the hackers were unable to breach the company’s security. Then they employed three pretty girls to stand outside the offices and offer the people going in a free USB stick. Within five minutes they were in, and had all the information.

You also need to get your people’s cooperation, which is where training comes in. Nowadays, process plants operate on a whole new level. Everything is interconnected. While this brings huge benefits in productivity, it also makes them vulnerable. In response, companies are putting into place such strict policies that it’s very difficult to get access to a plant to work on it, and this is creating resistance from workers.

In the future, cyber resilience is going to become even more important. Looking ahead, quantum computing has the potential to take this to a whole new level. Quantum computers can perform calculations exponentially faster than today’s computers. We can expect to see the arrival of post-quantum cryptography to make cryptographic systems secure against attack.

On the other side, as quantum computers become more powerful, they could be a threat to current encryption standards like RSA. ‘Bad actors’ could decrypt encrypted data that is considered secure, potentially exposing sensitive information. While a regular computer needs millions of years to crack RSA algorithms, a fast quantum computer would take hours. Today’s encryption algorithms would become obsolete, putting communications, financial transactions, and military defences at risk.

The race is on to develop new quantum-resistant encryption methods that can withstand attacks like this. I’m optimistic that the good guys will win.


Credit(s)



Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Reinstatement opportunity for ECSA registration
News
In 2023 the Engineering Council of South Africa (ECSA) announced a special opportunity for engineers in South Africa to reinstate their registration status if it had been cancelled. This exclusive offer is available until the end of August 2024.

Read more...
From the editor's desk: A good servant and a bad master
Technews Publishing (SA Instrumentation & Control) News
In our new AI-generated world it was inevitable that the Nobel Committee would have noticed. And last November two pioneers of artificial intelligence, John Hopfield and Geoffrey Hinton, won the Nobel Prize ...

Read more...
Festo 100th Anniversary: Celebrating a century-long legacy of innovation and commitment
Festo South Africa News
Festo has officially begun celebrating 100 years of groundbreaking technology, commitment and enduring partnerships. To kick off this historic milestone celebration, their Customer Innovation Day and ThankYou Party series brought together customers, partners and employees to reflect on their journey and look ahead to an exciting future.

Read more...
German Chancellor visits Beckhoff at Hannover Messe
Beckhoff Automation News
As part of the traditional Hannover Messe opening tour, Federal Chancellor of Germany, Olaf Scholz visited German company, Beckhoff Automation. Hans Beckhoff, managing director and owner of Beckhoff Automation, presented his company and its comprehensive expertise in the field of software and AI.

Read more...
Iritron celebrates 25 years of excellence
Iritron News
When Iritron, a leading provider of engineering and industrial solutions was founded in 2000, it was on the principles of exceptional service and lasting part-nerships. Today, Iritron has grown from a small team of four into a company of over 120 employees, serving clients across South Africa and beyond.

Read more...
A racing partnership
SKF South Africa News
In one of motorsport’s most demanding arenas, a partnership forged in engineering precision and high-performance ambition has proven its worth. SKF, a global leader in bearing technology and innovation, celebrated a remarkable milestone in partnership with SVR Toyota GAZOO Racing, taking second position overall at the 2025 Dakar Rally.

Read more...
Question and Answer: Martin Hiller, portfolio director of AATF
News
AATF is here.

Read more...
Two weeks to go: AATF 2025 welcomes Africa’s industrial future
News
With less than two weeks to go, the countdown to Africa Automation Technology Fair 2025 is on - and there’s never been a better time to register.

Read more...
SEW-EURODRIVE grows its African footprint to become a leading force on the continent
SEW-EURODRIVE News
Momentum continues to grow behind the ambitious plans of SEW-EURODRIVE South Africa to become a leading force in the continent’s industrial gearbox business, drives and automation solutions.

Read more...
Schneider Electric at AATF
Schneider Electric South Africa News
Schneider Electric will be participating in the 13th edition of the Africa Automation and Technology Fair

Read more...