14 Oct 1 in 3 industrial systems in South Africa face cyber attacks

A new report from Kaspersky has identified that one in three industrial computers in Africa are at risk of a cyber attack.

The industrial control systems (ICS) threat landscape report revealed various types of “malicious objects” were blocked on one in three ICS computers in South Africa (33 percent, marking an 11 percent increase from the second half of 2021) over the last six months.

Across Africa, 36 percent of Kenyan ICS terminals blocked malicious entities, a 20 percent increase from last year, while in Senegal there was 41 percent of ICS computers on which malicious objects were blocked, In Nigeria – 34 percent, and in Gabon – 38 percent.

In terms of targeted industries, ICS computers in the META (Middle East, Turkey and Africa) region in oil and gas faced attacks most often (47 percent of these systems were attacked).

ICS computers are used most often in large-scale industrial corporations and businesses, such as in the oil and gas sector, as well as in energy, automotive manufacturing, and others to perform OT functions like supervisory control and data acquisition (SCADA).

Emad Haffar, head of technical experts at Kaspersky commented: “Sophisticated attacks have increased the demand for better visibility of the cyber-risks that impact industrial control systems.”

According to the report, the most popular attack vectors used against ICS processes in the African region are malicious scripts and phishing pages.

In the last six months, such scripts and pages were blocked on 19 percent of ICS computers in South Africa, a 12 percent increase from H2 2021. In Senegal, Nigeria and Gabon, 13 percent of ICS computers were affected, and 17 percent in Kenya.

Kaspersky also added that every tenth ICS computer in Africa had spyware on it blocked in H1 2022. In South Africa, spyware was blocked on 9% of ICS computers.

Haffar added: “The integration of IT and OT systems has highlighted the need for comprehensive yet purposely built cybersecurity programs. Digital transformation programs require a new approach to ensure the secure deployment and operation of a variety of new, potentially unsafe devices within plant boundaries.”