https://www.miningweekly.com

PwC warns of rising cyber-threats against manufacturers, miners

16th July 2021

By: Schalk Burger

Creamer Media Senior Deputy Editor

     

Font size: - +

Professional services multinational PwC has highlighted emerging cyber-threats affecting the mining and manufacturing sectors, particularly those in South Africa and the rest of the continent.

The technologies most targeted by attackers within these sectors are industrial control systems (ICS), which are embedded computer devices that are responsible for a myriad of automated process controls in industries, such as measuring instruments, packaging machinery and all other components of an assembly line that make parts for any production process, says PwC forensics technology solutions leader Junaid Amra.

Although there are considerable benefits in the convergence of these advanced technological systems and the operational technology that makes up the backbone of the sectors, it is important to note that reliance on connected and Internet-dependent systems is not without risks. Threat actors are starting to take an interest in organisations operating in this space, he points out.

Espionage has been growing as one of the driving forces behind cyber-attacks in the manufacturing industry. Cybercriminals gain access to the networks of businesses in these sectors, with the aim of stealing trade secrets and intellectual property.

However, PwC’s research has revealed that, although there has been a notable uptick in espionage-motivated incidents as compared to the same period last year, most of the attacks have predominantly been financially motivated (63% to 95%).

“The most common security vulnerabilities in operational technology or ICS networks and the most common attacks identified by PwC’s incident response teams over 2019 and 2020 were infiltration of insecure email platforms following cloud adoption, phishing and insecure remote access platforms, including virtual private networks or remote login.”

Once attackers have a foothold in an organisation, the tools and tactics they use are usually designed to monetise their attacks by the simplest means possible. An example is ransomware, which is a type of malicious software, or malware, which holds systems or data to ransom.

Global ransomware attacks across various industries in 2020 tracked by PwC show that 17% of these affected the manufacturing sector, but no data appears to have been advertised from the mining sector.

“Based on our experience, the attacks in the mining sector have largely been focused on electronic payment fraud, industrial espionage and sabotage. Data available for the African continent is limited; however, we believe this to be a representation of how susceptible African organisations in these sectors are to these types of attacks,” Amra says.

“Organisations in the mining and manufacturing sectors need to embed a safety culture against potential cyber-attacks. Organisations should have plans and processes in place to prevent, respond to and recover from a potential cyber-attack. The likelihood and consequences of a cyber-attack should not be downplayed. When it comes to cybersecurity, the time to act is now,” he says.

The Covid-19 pandemic has further exacerbated the problem of cyber-attacks. According to international research, there was an uptake in intrusion activity in the manufacturing sector in 2020, as well as several cybersecurity incidents in some countries’ mining and resources sectors, he notes.

Organisations that are mindful that a security breach can take several different forms and originate from several different places are in a better position to imagine ways of implementing the correct defences.

Local regulator stipulations and disclosure laws play a significant role in the number of incidents that are reported and, as a by- product, known to the public.

“Organisations in the manufacturing and mining sectors face a myriad of different cyber-threats. A number of organisations have not been paying enough attention to these and are not prioritising the implementation of the appropriate mitigation strategies.

“Owing to the increasing level of technology adoption, the consequences of attacks on organisations in these sectors can be far- reaching and potentially devastating. It is therefore important for businesses to understand key risk areas, attack vectors and vulnerabilities to ensure that they employ the correct controls to improve security and protect their assets.”

Cyber-attacks are becoming more pronounced as technology is embedded in operational processes.

Edited by Chanel de Bruyn
Creamer Media Senior Deputy Editor Online

Comments

Showroom

Rentech
Rentech

Rentech provides renewable energy products and services to the local and selected African markets. Supplying inverters, lithium and lead-acid...

VISIT SHOWROOM 
Booyco Electronics
Booyco Electronics

Booyco Electronics, South African pioneer of Proximity Detection Systems, offers safety solutions for underground and surface mining, quarrying,...

VISIT SHOWROOM 

Latest Multimedia

sponsored by

Hyphen, Eva mine, ferrochrome price make headlines
Hyphen, Eva mine, ferrochrome price make headlines
27th March 2024
Resources Watch
Resources Watch
27th March 2024

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION







sq:0.135 0.165s - 88pq - 2rq
Subscribe Now