Be warned: Buildings next in line for cyberattacks, Joburg municipality is just the beginning
Technology / 1 November 2019, 10:00am / Wesley Diphoko
CAPE TOWN – The Johannesburg municipality cyberattack is just the beginning of attacks that will befall society as technology becomes part of everything.
According to the World Economic Forum (WEF), cyberattacks are one of the top 10 global risks of highest concern in the next decade, with an estimated price tag of $90 trillion (R1 332trln) if cyber-security efforts do not keep pace with technological change. The next victim of cyberattacks could be buildings.
Most people who work in cities work in smart buildings that control their environment with technology. Most of these buildings have sensors that monitor their operations. Most elements of modern-day buildings use technology for lighting, audiovisual, smart metering, parking, elevators, video surveillance, access and security as well as air quality.
Digitising buildings is currently a major trend. However, this trend comes with new security issues, according to Frost & Sullivan’s IT/OT Security Convergence for Building Technologies report. The market for information technology (IT) operation technology (OT) security services in smart buildings are predicted to hit $897 million by 2022, reaching a record compound annual growth rate of 37 percent, the report found.
According to Eset security expert Tony Anscombe, perpetrators of cyber-risks in buildings could be nation-states, criminals and hacktivists. Speaking at the 2019 Eset Security Day, Anscombe indicated that in some buildings attacks could come in the form of remotely controlling temperature by shutting down cooling/heating systems within a building and causing chaos. Such an attack could be disastrous for a hospital building.
This highlights the need to do everything possible to ensure that people are safe as technology gets adopted into every aspect of modern life. The challenge, however, is that there are few professionals who can safeguard people from cyberattacks, especially in South Africa.
According to the 2018 Joburg Centre for Software Engineering and IITPSA ICT Skills survey, there’s a big demand for ICT Security specialists in South Africa. The report also highlights a major shortage of these cybersecurity skills in the country.
To combat future cybersecurity risks, there's a need to invest in the skills development of a cyber security force. The process of developing such a skilled workforce should be viewed in the same way as spending in the national defence force.
The WEF estimates that by 2020, $3trln will be lost to cybercrime. Securing businesses and organisations from cyberattacks can no longer be left to professionals.
The Johannesburg municipality is not the only local government entity to be attacked, this is a global challenge. Atlanta in the US is another famous case. The city was attacked by a virus known as SamSam in March 2018. The virus infected the city’s networks and encrypted at least one-third of its applications. The infection spread far beyond court schedules and public Wi-Fi. Elected officials and city employees reported losing years’ worth of correspondence.
Reflecting on this incidence mayor Keisha Lance Bottoms of Atlanta, who had just been inaugurated two months before the incident, admitted in the ensuing weeks that she had not given much thought to cybersecurity.
But it quickly became a top priority for the city.
Now that it's known that cyberattacks will come for cities, buildings and countries, cybersecurity should become the number one priority of a society that is embracing technology.
Wesley Diphoko is the editor-in-chief of The Infonomist. You can follow him on Twitter via @WesleyDiphoko