Electricity + Control September 2019

CYBER SECURITY

V alue-added distributor, Networks Unlimited Africa, has formalised a partnership agreement with Indegy, a leader in industrial cyber security that protects industrial control system networks from cyber threats, human error and malicious insiders. Stefan van de Giessen, General Manager: Cybersecurity at Networks Unlimited Africa, says, “We are excited to bring this new offering on board with the security division. Through our partnership with Indegy, we provide security for applications and systems in the industrial internet of things (IIoT), operational technology (OT), industrial control systems (ICS) and critical infrastructure arenas.” Erez Shalom, AVP Strategic Channels EMEA & APAC at Indegy, says, “Networks Unlimited Africa is a leading provider of security solutions for operational and information technology networks across several key industrial markets. This partnership will enable Indegy to penetrate and build market share in South Africa.” Van de Giessen adds, “The combination of IIoT connectivity offered across production and supply lines and the way in which OT is automating the modern world, interfacing through electro- mechanical devices and sensors, is opening up new vulnerabilities and making cyber security for industrial infrastructure a business imperative. “The vulnerability of OT systems to hackers puts critical infrastructure, such as water and energy supplies, transport networks and production lines, at risk of being disrupted or shut down. The main challenge in ensuring cyber security for industrial systems is to protect and maintain uninterrupted industrial processes.” Indegy’s customers globally include leading players across diverse sectors such as: automotive manufacturing, steel manufacturing, electrical power utilities, aerospace and defence, and financial services, among others. The Indegy Industrial Cybersecurity Suite provides: - Full threat detection and forensic trails Partnership to protect industrial control systems

Van de Giessen says, “The boundaries between IT and OT are blurring. We know that although the 2017 WannaCry ransomware and NotPetya malware attacks – which struck many organisations in Europe and the US in the space of two months – did not specifically target industrial networks, they did reach them. The incidents raised the profile of how malware can move to ICS environments and made the world aware that if threat actors wanted to launch a ransomware attack on industrial networks, they clearly could 1 . “After jumping from one computer to others and then racing across the globe, the NotPetya worm damaged far more systems and networks than its original Ukrainian targets, crippling hospitals in Pennsylvania, in the US, for example, halting TNT Express in Europe, and freezing global shipping giant Maersk’s systems for more than a week 2 .” When hackers caused a first-of-its-kind cyber attack in western Ukraine in December 2015, cutting off the lights to 225 000 people, this was widely regarded as being the first example of hackers shutting off critical energy systems that supplied hundreds of thousands of homes. That attack was followed a year later by another that cut power supply to hundreds of thousands of residents in the country’s capital, Kiev 3 . “These kinds of attacks show how vulnerable unprotected critical infrastructure systems can be. As a distributor of technologies which are carefully selected to complement each other and provide solutions where there may be gaps in the market, Networks Unlimited Africa offers its customers real business and security benefits. “In South Africa, security conversations have traditionally centred on the possible theft of intellectual property and personal data. Today, however, we need to add in thinking around the defences of industrial control systems and critical infrastructure. The stakes could be very high for those who do not,” says Van de Giessen. References 1 https://info.indegy.com/the-7-most-unsafe-gaps-for- industrial-cyber-security-lp 2 https://www.afr.com/technology/web/security/the-growing- industrial-cyber-threat-australia-is-ignoring-20190712-p526n7 3 https://www.reuters.com/article/us-ukraine-cyber- attack-energy/ukraines-power-outage-was-a-cyber- attack-ukrenergo-idUSKBN1521BA

Stefan van de Giessen, General Manager: Cybersecurity at Networks Unlimited Africa.

- Automated asset inventory - Vulnerability management - Configuration control.

For more information contact: Networks Unlimited Africa. Tel: +27 (0)11 202 8400, email: stefan.vdgiessen@nu.co.za

This suite of capabilities ties together in an out-of-the-box deployment and delivers alerts, automated reports and third-party integration with an organisation’s existing tools.

Electricity + Control

SEPTEMBER 2019

39