Throughout 2022, 40% of industrial control system (ICS) computers globally and 47% of ICS computers in Africa were attacked with malware, says cybersecurity company Kaspersky’s Industrial Control Systems Emergency Response Team (ICS CERT).

Ethiopia at 62% of ICS computers attacked, Algeria at 59% and Burundi at 57% were the countries in Africa that experienced the most malware attacks. Further, Rwanda experienced 46% of ICS computers being attacked, Kenya 41%, Nigeria and Zimbabwe 40% each, Ghana 39%, Zambia 38%, and South Africa and Uganda 36% each.

An ICS can be considered as a collection of personnel, hardware and software that can affect or influence the safe, secure and reliable operation of an industrial process. Information technology is one component of this environment, with operational technology (OT) another key element, Kaspersky ICS CERT said.

While traditional cybersecurity solutions focus on data-oriented businesses, ICS protection is geared towards OT security, where it is all about cyber-physical companies, such as utilities, mining and manufacturing, besides others.

“Effective OT cybersecurity measures must, therefore, include industrial endpoint protection to prevent accidental infections and make motivated intrusion more difficult, OT network monitoring and anomaly detection to identify malicious actions on the level of programmable logic controllers, and dedicated expert services to investigate the infrastructure, conduct expert analytics, or mitigate the impact of an incident,” the team advises.

“Human error still plays a significant role in compromising ICS systems. As such, it needs to be managed much more proactively. This requires utility companies, mines and other companies operating in the industrial environment to look at building a Human Firewall,” says Kaspersky Middle East and African region technology expert and consultant Brandon Muller.

One of the best ways to achieve this is through the right security awareness and training solutions that deliver training that is easily digestible, practical and memorable, so that it will always stay top of mind, he notes.

“ICS malware attacks are a high-growth threat landscape in Africa. Companies must provide training to ensure staff are armed with the very latest skills and knowledge, especially given how quickly cyberincidents evolve,” adds Muller.

Further, there are sector-specific interventions to consider. For example, modern electrical power systems are complex environments requiring protection, automation and control solutions covering all areas of electric power facility operation, he says.

“Notwithstanding the technical challenges of securing this environment, organisational issues must also be considered, such as whether there are a lack of guides defining actions to be taken when suspicious activity is detected within automated systems. There is also often a lack of documents and practices relating to the investigation of disturbances in technological environments, including malicious influence on control systems,” Muller emphasises.

Mines are also vulnerable to potential malware attacks, especially at a time when Industry 4.0 digital technologies link key operational systems to data analytics and cloud environments and are confronted by escalating cybersecurity threats.