News


From the editor's desk: The weakest link

April 2024 News


Kim Roberts, Editor.

Lately I’ve been getting an ever-increasing number of articles on cybersecurity in my inbox. It’s easy to put it on the backburner, but there is no doubt that this is a very serious problem that’s not going to go away if you ignore it. Unsurprisingly, the weakest link is people, although they usually don’t get treated as harshly as those in the game show, The Weakest Link − remember that?

We generate around 2,5 quintillion bytes of data every day, leaving us all vulnerable to data misuse, cybersecurity attacks and identity theft, both in our own lives and in the commercial and industrial world. In a recent survey of 500 security executives from 13 countries around the world, including South Africa, cybersecurity company Trellix’s ‘Mind of the CISO 2023’ report has some sobering numbers. I thought the statistics were quite interesting.

Cybersecurity incidents involving phishing were at 40%, ransomware at 36%, business email compromise at 32%, and credential stealing at 28%. The report also said that 28% of attacks were state-sponsored, meaning hacking syndicates backed by hostile states, while 24% were inside jobs. The leading cause of major cybersecurity incidents was password misuse at 56%, followed by insider threats at 44%, supply chain breaches at 40%, non-detection by existing technology at 40%, and missed vulnerabilities at 36%. These incidents led to a loss of customers, business downtime, reputational damage, regulatory penalties, and higher insurance premiums. Only 60% of the respondents were fully covered by their cybersecurity insurance.

There are plenty of examples locally. In 2020, the credit bureau Experian had a data breach that exposed the personal information of 24 million South Africans and 790 000 business entities; and the hack of TransUnion in 2022 exposed millions of South Africans to potential risk. There are more. Liberty Holdings, ViewFines and Ster-Kinekor were all attacked. The Dis-Chem cyber attack resulted in the data of over 3,6 million South Africans being compromised. I’m sure we’ve all had random emails and WhatsApps where we wondered how they got our information.

The most devastating ransomware attacks almost always begin with a simple Spear-Phishing attack to get a user with valuable credentials to click on an infected link. Of the South African companies surveyed by Trellix, 78% said they had paid a ransom of between five million and ten million dollars.

There are many technical solutions that can be put into place, but the most important barrier is your people. The key lies in strong passwords, regular training, checking your links with your end users and vendors, and not clicking on suspicious email links. A little prevention today could save you from huge problems tomorrow. As an example, I still remember my very first computer − a long time ago. It was a 64K Apple that I was ridiculously proud of, and my very first password was − password. At least that wouldn’t happen today.

At the recent MESA conference, I heard of another typical example. This was the story of a company in Abu Dhabi that was subject to a cyber attack. On the first two tries the hackers were unable to breach the company’s security. Then they employed three pretty girls to stand outside the offices and offer the people going in a free USB stick. Within five minutes they were in, and had all the information.

You also need to get your people’s cooperation, which is where training comes in. Nowadays, process plants operate on a whole new level. Everything is interconnected. While this brings huge benefits in productivity, it also makes them vulnerable. In response, companies are putting into place such strict policies that it’s very difficult to get access to a plant to work on it, and this is creating resistance from workers.

In the future, cyber resilience is going to become even more important. Looking ahead, quantum computing has the potential to take this to a whole new level. Quantum computers can perform calculations exponentially faster than today’s computers. We can expect to see the arrival of post-quantum cryptography to make cryptographic systems secure against attack.

On the other side, as quantum computers become more powerful, they could be a threat to current encryption standards like RSA. ‘Bad actors’ could decrypt encrypted data that is considered secure, potentially exposing sensitive information. While a regular computer needs millions of years to crack RSA algorithms, a fast quantum computer would take hours. Today’s encryption algorithms would become obsolete, putting communications, financial transactions, and military defences at risk.

The race is on to develop new quantum-resistant encryption methods that can withstand attacks like this. I’m optimistic that the good guys will win.


Credit(s)



Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

New Würth Elektronik location in South Africa
News
A new Würth Elektronik branch has opened in Brackenfell, Western Cape. The location operates under the name Wurth Electronics South Africa and will serve local customers, as well as being responsible for markets in Botswana, Mauritius, Namibia, Tanzania and Zambia.

Read more...
John Thompson and BECS partner to deliver biomass energy solutions
News
John Thompson, a division of ACTOM and South Africa’s leading provider of industrial energy solutions, has announced a strategic partnership with Berkeley Energy Corporate Solutions, a specialist developer and supplier of biomass energy projects. Together, the companies aim to accelerate the deployment of reliable, renewable steam solutions to industrial customers across Africa.

Read more...
Academy pumps out the next generation of experts
News
KSB Pumps and Valves has invested in a specialised training centre designed to equip internal and branch staff and certified partners with in-depth knowledge of KSB products and systems.

Read more...
Celebrating the power of diversity in the engineering sector
News
The engineering sector has historically been a male-dominated field, and to a large extent it still is. However, this is changing, and the shift is gaining significant momentum as more women begin to take up leadership roles, spearheading innovation and driving inclusive growth.

Read more...
Fifteen years of promoting innovation and supporting engineering excellence
RS South Africa News
RS South Africa is celebrating 15 years of promoting innovation and supporting engineering excellence through DesignSpark, its pioneering online engineering platform.

Read more...
From the Editor's desk: What happened to the metaverse?
Technews Publishing (SA Instrumentation & Control) News
One of the most interesting technical crashes in recent years is the metaverse. As recently as 2022, it was white hot, with massive hype led by Meta. Even Bill Gates was saying that in two to three years ...

Read more...
Omniflex celebrates 60th anniversary
Omniflex Remote Monitoring Specialists News
Remote monitoring specialist Omniflex is celebrating its 60th anniversary.

Read more...
Nidec adopts Siemens Teamcenter for electric motor development
Siemens South Africa News
Siemens Digital Industries Software has announced that Nidec Corporation, a Japanese manufacturer and distributor of electric motors, has adopted Teamcenter X software from the Siemens Xcelerator portfolio of industry software to achieve innovative motor development and supply to set new industry standards, including automotive.

Read more...
Yaskawa Southern Africa and Sol-Tech advance industrial robotics training
Yaskawa Southern Africa News
Yaskawa Southern Africa has announced a strategic collaboration with Sol-Tech, a private vocational training institution based in Pretoria, to strengthen technical education in industrial robotics and support the development of future-focused talent for South Africa’s evolving manufacturing sector.

Read more...
Building skills and sharing knowledge for growth in Africa
SEW-EURODRIVE News
As a leading provider of drive and automation solutions across the continent, SEW-EURODRIVE recognises that local insight and on-the-ground capability are critical to delivering effective sustainable results. The company continues to invest in people development and technical training within its network of African subsidiaries and partners, supporting the long-term growth of its customers and the broader industrial ecosystem.

Read more...









While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd | All Rights Reserved