With the advent of the Internet of Things, the agriculture sector faced increasing exposure to cyber-attacks, he said. Some attacks over the years included those that paralysed systems that mixed animal feed and those that administered feed on farms.
Locally, a cyber-attack on Transnet brought ports to a standstill, halting exports, while an attack on Onderstepoort Biological Services several years ago prevented vaccine production.
Petzer noted that the modern supply chain was very long and complex, making it difficult to prevent cyber-attacks. He also pointed to research that showed that attacks on the agriculture sector were increasing.
“Agricultural systems are being targeted because it has a real-world impact: it can lead to failed crops, dead livestock and poisoned water. Traditional attacks cause intangible loss [in the form of] data, money, and reputation,” said Petzer.
He added that the perpetrators of cyber-attacks on the agriculture sector were cybercriminals who profited through ransomware, hacktivists (those who use cyber-attacks to promote a political agenda), terrorist groups and thrill seekers.
According to research, South Africa did not have a good track record in guarding against cyber-attacks, he said.
“South Africa is ranked 8th worst in the world for falling prey to ransomware. We rank 5th on the list for the worst cyber security globally. Agriculture in general has been shown to have a low level of cyber security in place, since attacks are not perceived as being as prevalent as in the banking sector, for example.”
Lwando Cwane, cyber insurance lead at Hollard, noted that the global cost of cyber-attacks was around US$10,5 trillion (about R192 trillion) annually.
“South Africa has the highest probability of a repeat breach, with more than 83% of businesses experiencing more than one breach in the last 12 months.
“The time it takes for a company to identify a breach is 235 days. During this time, the hackers have full access to your systems and can formulate the best time to institute an attack. They would also be able to access accounts during this time and siphon off funds. Once detected, the average days to contain a breach is 88 days.”
To guard against cyber-attacks, companies were advised to increase cyber security, with a large focus on employee training. Petzer stated that as 98% of cyber-attacks were enabled by human error, such as clicking on dangerous links, companies would do well to educate employees about cyber security.