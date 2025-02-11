Securing Africa’s manufacturing sector against cybercrime

Connectivity and automation have undeniably revolutionised the manufacturing sector, boosting efficiency and productivity. However, they have also introduced significant vulnerabilities, leaving the industry increasingly exposed to cybersecurity threats.

By Andre Froneman, OT solutions specialist at Datacentrix.

In fact, recent insights from Datacentrix partner, Check Point revealed that manufacturing emerged as the most impacted by cyberattacks in the third quarter of 2024, with the sector experiencing 30 percent of all reported ransomware attacks globally over the period.

Another concerning statistic was the fact that – at a regional level – Africa bore the brunt of cyber threats over the timespan, with local organisations facing an average of 3 370 attacks per week – an alarming 90% increase from the previous year.

Cybercriminals are exploiting vulnerabilities within manufacturing supply chains, targeting not only the manufacturers themselves, but also suppliers, logistics providers and even critical infrastructure. This underscores the urgent need for robust, proactive cybersecurity measures within this sector.

Attacks in manufacturing can originate from many sources, including energy suppliers, logistics providers and shop floor equipment. Methods could include:

Ransomware : Disrupting supplier operations and production schedules, leading to delays and financial losses.

: Disrupting supplier operations and production schedules, leading to delays and financial losses. Phishing : Extracting sensitive information such as login credentials or financial data, which could be used to disrupt operations or steal intellectual property.

: Extracting sensitive information such as login credentials or financial data, which could be used to disrupt operations or steal intellectual property. Distributed Denial of Service (DDoS) attacks : Overwhelming IT infrastructure and causing reputational damage.

: Overwhelming IT infrastructure and causing reputational damage. Malware infiltration : Introducing compromised components or software into the supply chain, potentially disrupting operations or compromising safety.

: Introducing compromised components or software into the supply chain, potentially disrupting operations or compromising safety. Industrial espionage: Targeting manufacturing processes or intellectual property for competitive advantage or resale on the black market.

Building a secure framework for manufacturing

To address these challenges, global criteria such as the International Electrotechnical Commission’s (IEC) 62443 standards and the International Organization for Standardization’s (ISO) 27001 standard for information security management systems (ISMS) have been developed. These frameworks promote comprehensive cybersecurity practices across the manufacturing value chain, encompassing development, production and distribution.

ISO 27001 helps organisations identify and address risks holistically, integrating people, policies and technology into their security strategies. The IEC 62443 series, tailored for operational technology (OT), specifies security requirements suited to industrial automation and control systems, which differ from traditional IT environments.

Proactive cybersecurity measures

To strengthen cybersecurity and comply with the related standards, South African manufacturing organisations should begin with a comprehensive risk assessment to pinpoint vulnerabilities. Datacentrix recommends adopting advanced cybersecurity technologies for both OT and IT environments, alongside regular workforce training, including non-IT employees, on security best practices.

It’s also possible to perform offline cyber audits for new equipment, where shop floor equipment can be scanned at staging or pre-production planning and certified as virus, malware and configuration risk free at that time and place. Furthermore, PLC code protection offers advanced PLC versioning, code management, code backup and function block level deployment services. This removes IP from engineering workstations and puts code in secure locations that are easily backed up, restored and documented for compliance and audits.