The CSIR and Denel have – and are – progressing on various aspects of South Africa’s ability to defend itself from cyberattacks, an area the Department of Defence (DoD) has allocated R72 million to over the medium term.
In its latest annual report the Council for Scientific and Industrial Research (CSIR) states it has developed two home-grown cybersecurity technologies in response to local and global cybersecurity challenges.
One is a solution seeking to promote compliance with South Africa’s Protection of Personal Information Act and, for defence and national sovereignty purposes, the cybersecurity policy framework. This will monitor threats and safeguard South Africa digital borders.
“The system,” according to the report, “focuses on the national cyberattack entry points for hardware, software and people. It consists of a visualisation component, a hardware and software infrastructure information sensor and a personal information sensor. The function of these components is to proactively visualise the potential cyberattack entry points related to hardware, software and personal information. The system is also capable of detecting vulnerabilities within devices connected to the Internet. This innovation has been tested and preliminarily deployed for testing purposes in the cybersecurity hub managed by the Department of Telecommunications and Postal Services”.
State-owned defence and technology conglomerate, Denel, is also aware of the necessity for South Africa to be cyber-aware and has set up the Denel Technical Cyber Command Centre (DTC3). Denel’s latest annual report notes it establishment was “an important step to strengthen South Africa’s sovereign capabilities in critical areas and stimulate the growth of research and development in highly specialised sectors”.
A Denel/CSIR partnership has already resulted in development of a local technology to detect illegal fishing and the unauthorised dumping of waste oil into the ocean.
“The SeaFAR technology is a major contribution to the broader national objectives to grow the country’s ocean economy through Operation Phakisa. Similar collaboration with the CSIR and Armscor has produced the C-more system, a new software platform that will provide the security sector with improved real-time situational awareness with wide applications in the defence, crime prevention and border management environments,” the Denel report states.
According to the DoD 2017 Annual Performance Plan a Cyber Command headquarters will be set up in the 2018/19 financial year.
The importance of having a working cyber defence strategy in place has been emphasised by defence analyst Helmoed Romer Heitman.
“The potential consequences of a major cyber-attack in terms of damage to the economy and to the ability of the country to function are such that this should be regarded as part of the defence domain. This is an intelligence-heavy area, so the requisite intelligence and protection/defence capabilities, and the development or pre-emptive and counter-strike capabilities, should for now lie with Defence Intelligence. Looking forward we may need a separate branch of the Defence Force,” he said.
As far as targets in the cyber domain are concerned he points out systems controlling electricity and water reticulation, telecommunications, railways, air traffic and some industrial plants are only some.