How vulnerable is SA's ICT infrastructure?
While policies around cyber security are good to have, policy alone lacks the potential to quantify data, and countries need to establish what their ICT assets are - and what vulnerabilities lurk within them.
This is according to Ignus Swart, senior information security specialist: cyber defence unit, at the Council for Scientific and Industrial Research (CSIR). He was part of a recent research initiative into SA's ICT infrastructure assets, aimed at fine-tuning the cyber security focus.
Swart was speaking at ITWeb Security Summit 2015, in Midrand, yesterday. He noted the CSIR used open source information that was available online to put together a first-of-its-kind study, revealing - with about 60% accuracy - how vulnerable SA's ICT infrastructure is.
"While it may be a perception that open source information is not valuable, most of the information you need, can be found from open sources. Al Qaeda stated 80% of all information required to breach a target is available online. Subsequent research actually showed this is closer to 100%."
Some of the data sources examined by CSIR included: Shodan, Builtwith, PhishTank, Bing, Google, Pastebin, Twitter, Honeypots, OpenResolver, Hackerweb, blacklists and databases.
The following are the results, by province, of vulnerabilities found according to each respective asset base. Because verification cannot yet legally be obtained, the numbers are "probability estimates", Swart noted. Further data sources will be added in future to increase the accuracy of the data.
1. Gauteng: 346 317 devices, vulnerability count of 5 421 291
2. Western Cape: 154 982 devices, vulnerability count of 2 174 833
3. KwaZulu-Natal: 57 444 devices, vulnerability count of 723 209
4. Eastern Cape: 20 148 devices, vulnerability count of 229 202
5. North West: 87 871 devices, vulnerability count of 135 226
6. Free State: 6 168 devices, vulnerability count of 70 218
7. Mpumalanga: 4 166 devices, vulnerability count of 50 404
8. Limpopo: 3 094 devices, vulnerability count of 24 084
9. Northern Cape: 2 045 devices, vulnerability count of 11 077
Increasingly, attacks are taking place at a national level, rather than only at a company level, Swart noted. "[The study revealed] there are a lot of vulnerabilities out there, which we could fix."
The CSIR hopes the research will help cyber policies become more effective in the long run.