Technologies such as tracking tags, CCTV and thermal cameras, wireless sensor networks, mobile apps and drones are being used in anti-poaching operations for intelligence and communications to protect wildlife.
But these technologies bring with them the risk of cyberattacks and, therefore, communication networks and IT infrastructure must be well set up and securely authenticated.
This is according to Christelle Steyn, who is part of Orange Cyberdefence Academy. She recently obtained a master’s degree in socio-informatics at Stellenbosch University.
Anti-poaching systems
The title of her thesis was Towards a Critical Review of Cybersecurity Risks in Anti-Poaching Systems in South Africa. As part of her study, Steyn used a network software emulator to simulate a hypothetical network of anti-poaching technologies that could be applied in the conservation of wildlife such as rhinos, elephants, pangolins and lions.
ALSO READ: Anti-poaching efforts pay off
She pointed out that anti-poaching operations don’t want to divulge real-world data on the status and capabilities of their systems or their mitigation strategies.
Simulation
Steyn used the simulation to carry out cyberattacks identified as pertinent to show the risks inherent to such a network. With the data from the simulation, she performed threat modelling to determine the severity of the potential threats faced by anti-poaching networks.
These attacks were then mitigated via system configurations. Steyn said many of the attacks targeted the backbone of the network – the router and the switch.
ALSO READ: SA turns to lie-detectors in anti-poaching war
“These network appliances were found to be the most vulnerable to the broad classes of denial of service (DOS) and man in the middle (MIM) attacks. DOS attacks disrupt a service, while MIM attacks intercept data on the network.
“Through my simulation, I discovered that many security features are not always applied by default when acquiring a new network appliance such as a router or switch. So, from the start, correct and adequate configuration is necessary.
“Since many of the technologies used in anti-poaching operations are connected to either another device, a database, a network, or the internet to transmit data, they are all vulnerable to attack. The systems used to store the collected data are ultimately at most risk, especially if they can be accessed by cybersecurity compromises of the network or connected devices.”
ALSO READ: Poaching, horn trade declines but rhinos still in danger
Steyn recommends comprehensive anti-virus and regular software updates, intruder detection systems and firewalls, an extra layer of protection beyond just a username and password, regular security audits performed by an expert and the creation of a security-aware culture among employees to mitigate attacks.
– Basson is a science writer for Stellenbosch University
