It was the curse of the commentator. Deloitte Risk Advisory Africa had just released a report on the lack of organizations’ preparedness for cybersecurity attacks in Africa. Soon after, hackers attacked the government of the City of Johannesburg in South Africa.
On the 25th of October 2019, employees of the City of Johannesburg found the following message displayed on their terminals:
“All your servers and data have been hacked. We have dozens of back doors inside your city. We have control of everything in your city. We also compromised all passwords and sensitive data, such as finance and personal population information.”
The hackers asked for a ransom of 4.0 Bitcoins, which would amount to US$30,392. They threatened that if the city did not pay it by the 28th of October, that they would upload all of the data onto the internet. In July 2019, the City of Johannesburg’s electricity utility, City Power, was also hit with a ransomware attack that ended up encrypting many of the computers on their servers.
Upon the release of Deloitte’s report on cybersecurity titled ‘2019 Future of Cyber’, Deloitte Risk Advisory Africa cyber leader Eric McGee said, “Cyber leaders are focused on digital transformation as a catalyst for change for the broader enterprise and their cyber agendas. The survey results show that organizations are no longer taking a wait-and-see philosophy to preparing for and responding to cyber incidents.”
Hacking events are becoming so frequent in the United States that the Californian government has just passed the Internet of Things Security Law, which is to take effect from the 1st of January 2020. The new law will require any IoT-ready device manufactured in California to have reasonable security measures built-in. Forty-one billion devices are expected to be connected to the Internet of Things by 2025.
The rise of cybersecurity
Ransomware attacks and other hacking endeavors perpetrated across the globe are damaging to individuals, businesses, and governments. Companies are having to invest heavily in protecting their servers.
Engineering Institute of Technology’s Dean of Engineering, Steve Mackay, said, “Industrial network security is a rapidly growing problem.
“It impacts on all of us — ranging from the president of a company to the electrician or tech installing a PLC or instrument. We have all been exposed to hack attacks and viruses and are very much aware of how tough it is out there protecting your industrial assets. In the future, security will be one of those metrics that you talk about in the same breath as safety and quality.”
He says that as the steady march of the fourth industrial revolution continues, more and more devices are connecting to the internet through the advent of the Internet of Things. While these devices are making the home, the office, and the factory more efficient, they are sitting ducks for hackers. Utilities and infrastructure utilize a similar set of sensors and equipment that automates their operations, and it all integrates with the Industrial Internet of Things (IIoT).
Electrical utilities may have once been able to run their operations on air-gapped computers — those being computers which never get connected to unsecured networks like the internet — but utilities long ago began using open standards such as Ethernet, TCP/IP, and other web technologies.
The cybersecurity jobs sector is growing at 37% every year, as more devices that connect to the internet come online. Forbes reports that at the start of 2018, the United States lacked half a million cybersecurity professionals. It is therefore imperative that already graduated engineers, or those just starting their journey in academia, look into adding cybersecurity proficiencies to their curricula vitae.
“City of Joburg Website Hacked.” ENCA, 25 Oct. 2019, www.enca.com/news/city-of-joburg-website-hacked.
“Risk Advisory: Risk Advisory: DeloitteZA.” Deloitte South Africa, www2.deloitte.com/za/en/pages/risk/solutions/risk-advisory.html.