Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

When cybercrime affects health and safety

1 April 2019 Editor's Choice, Information Security

By Craig Gonzales, head of ethical hacking AMEA, BT in Africa.

Too often I read cybercrime articles where experts lay out a doomsday scenario without following through with strategies for tackling the issues. So today I want to do things differently, raising awareness of a significant problem, but also offering a simple approach to help you avoid it happening to your organisation.

Craig Gonzales
Craig Gonzales

As a matter of course, certain industries, such as oil and gas, manufacturing, and chemicals, already take human life into consideration when designing and planning work, using frameworks from disaster recovery planning through to checklists designed to avoid issues. These industries are well aware that disasters are usually caused by some combination of human error, dangerous working conditions, and faulty equipment.

The threat of a category one cyber-attack in these industries is that everything could seem right – the readings on the meter could be fine, checklists would be followed, and equipment would work as it’s supposed to – yet danger could still unfold. This was seen back in 2010 when the Stuxnet virus caused fast-spinning centrifuges to tear themselves apart. While this attack didn’t cost lives, it’s not improbable to imagine another attack that does have catastrophic consequences.

Serious cybercrime is around the corner

Ciaran Martin, CEO of the National Cyber Security Centre (NCSC), outlines the stark reality of cybercrime today: “I remain in little doubt we will be tested to the full, as a centre, and as a nation, by a major incident at some point in the years ahead – what we would call a category one attack.”

A category one attack causes “sustained disruption of UK essential services or affects UK national security, leading to severe economic or social consequences or loss of life”. The UK government expects this type of attack to happen as cyber warfare and Internet-connected control systems increase in popularity, yet that expectation or threat is not limited to the UK. Almost every country has critical national infrastructure, many of which are based on similar hardware and software, so when vulnerabilities are identified and exploited, the impact could be felt anywhere.

How to prevent a category one attack

You’re not in a position to identify and patch every zero-day in your supply chain, so there are no guarantees. Likewise, a category one attack will most likely come from a nation-state attacker with time, money, and legal protection. Our recommendation is to mix board-level awareness with a systematic approach to defence in depth. These best practices allow you to make the right defensive decisions whilst mitigating the impact of an exploited vulnerability.

Step 1: Get the C-suite and board to buy into this threat

We’re in a time when security is top-of-mind at the highest level and you should work hard to ensure senior leaders fundamentally believe that they don’t want to be the company that experiences a category one. Every senior security leader and chief I speak to repeats the importance of governance in business operations. Your job is to convince them that this isn’t a scenario where ‘risk acceptance’ is acceptable. Once you get them on board, you’re able to take the next step.

Step 2: Assess and interpret threat intelligence

Once your leadership is on board, you must assess what you have and what could be vulnerable to a category one, and then seek threat intelligence on those assets. When working with customers, our first step in any job is to try and understand what exists, what could be vulnerable, and then act upon that knowledge.

If you have the senior approval, then take the time to assess your situation and invest in threat intelligence against the systems you have. When new vulnerabilities are disclosed or when other industrial control systems (ICS) are attacked, even if it’s in the academic research versus in the wild, you should have a mechanism to know that and start paying attention to your systems.

Step 3: Continuous visibility

Knowing what is happening in your ICS is vital for identifying and stopping an attack. The marketplace and talent for asset and traffic visibility is growing rapidly, so finding help shouldn’t be hard, but making the decision to capture and analyse traffic to your ICS is essential.

Step 4: Mitigate damage

Finally, once you know what could be vulnerable and have intelligence and monitoring established, you’ll want war game and table-top scenarios to see what fallout could occur. Running these exercises will give you a sense of the damage that could be caused. This then leads to disaster recovery updates, new processes and procedures, and maybe new mitigation technology so breakdowns don’t cascade into category one experiences.

Find out more about BT’s ethical hacking services at https://www.globalservices.bt.com/en/solutions/products/security-ethical-hacking





Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Here’s to a SMART 2025
SMART Security Solutions Editor's Choice News & Events
This is the final news brief from SMART Security Solutions for 2024, and the teams would like to take this opportunity to thank our readers, advertisers and partners and wish everyone a safe and secure festive season.

Read more...
Smart surveillance and cyber resilience
Axis Communications SA Surveillance Information Security Government and Parastatal (Industry) Facilities & Building Management
South Africa’s critical infrastructure sector has to step up its game regarding cybersecurity and the evolving risk landscape. The sector has become a prime target for cybercriminals on top of physical threat actors, and the consequences of an incident can be far-reaching.

Read more...
SA company develops world-first safe K9 training for drug detection
Editor's Choice News & Events Security Services & Risk Management Government and Parastatal (Industry)
The Braveheart Bio-Dog Academy recently announced the results of its scientific research into training dogs to accurately detect drugs and explosives without harming either the dogs or their handlers.

Read more...
Autonomous healing systems are the future
Infrastructure Information Security AI & Data Analytics
Autonomous healing software, an emerging technology, is gaining traction for its potential to transform how organisations manage software maintenance, security, and system performance.

Read more...
AI-powered automation for an operational efficiency edge
Editor's Choice AI & Data Analytics IoT & Automation
In the fast-moving world of digital transformation, businesses are under immense pressure to accelerate their operations and adapt quickly to stay competitive in an era dominated by AI and technological advancements.

Read more...
2025 Southern Africa OSPAs entries now open
Technews Publishing Editor's Choice News & Events Training & Education
Entries are now open for the 2025 Southern Africa Outstanding Security Performance Awards (OSPAs). The OSPAs are designed to be both independent and inclusive, providing an opportunity for outstanding performers, to be recognised and their success to be celebrated.

Read more...
Elvey to distribute Tiandy
Elvey Security Technologies Editor's Choice Surveillance News & Events
Tiandy’s presence in South Africa was boosted in November with the announcement that Elvey Security Technologies will distribute a broad range of Tiandy equipment through its channel partners and provide project assistance.

Read more...
Standards for fire detection
SAQCC (Fire) Editor's Choice Fire & Safety Associations
With the increased number of devastating fires reported throughout South Africa, adequate and suitable fire detection cannot be overstated. SAQCC Fire will publish a series of articles in SMART Security Solutions to provide insight into fire detection requirements and importance.

Read more...
Taking fire safety seriously
G2 Fire Editor's Choice Fire & Safety Security Services & Risk Management
To gain insights into how fire systems must be designed, installed and maintained, SMART Security Solutions asked Nichola Allan, MD of G2 Fire, for some insights into the local fire market.

Read more...
The best of local and international
Technoswitch Fire Detection & Suppression Editor's Choice
SMART Security Solutions speaks to Technoswitch’s Managing Director, Brett Birch, to learn more about the company and how it serves the fire safety market in South and sub-Saharan Africa.

Read more...











SMART Security Business Directory



Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.