CyShield Exposes High-Risk OT Attack Scenarios at Cairo ICT
CyShield experts showcased some of the most complex and high-risk cybersecurity challenges facing Operational Technology (OT) environments during a live technical session at the 29th edition of the Cairo International Technology Exhibition and Conference, Cairo ICT 2025. The session featured hands-on demonstrations illustrating how critical infrastructure can be compromised and how such attacks can be countered effectively.
The session was led by Khaled Bin Al Waleed, Head of Cybersecurity Technology; Mohannad Dobal, Head of Cybersecurity Technology; and Abdelrahman Ali, Cybersecurity Manager at CyShield.
Speakers stressed that the objective of the session was to raise awareness about the urgent need to invest in OT security, given that these systems serve as the backbone of national critical infrastructure. They emphasized that close collaboration between experts, government bodies, and private-sector organizations is now essential to ensure operational continuity amid increasingly sophisticated cyberattacks.
The “Central Brain” of Critical Infrastructure
Khaled Bin Al Waleed explained that industrial control systems operate as the “central brain” managing physical equipment in vital facilities. He highlighted that RTU units do not require controllers in every site; instead, they are centrally managed through pressure measurements and command signals delivered via HMI interfaces.
He added that OT systems do not rely on traditional IT communication protocols but instead operate using specialized industrial protocols such as Modbus, introduced in 1979 and still widely used in factories without internet connectivity. The evolution of protocols such as DNP3, he noted, has strengthened operations across the electricity, water, and petroleum sectors.
Bin Al Waleed further explained that control levels range from manual operation of basic equipment to managing an entire city from one control room.
Systems That Cannot Be Frequently Updated
Speaking on OT system architecture, Mohannad Dobal noted that OT technologies impact daily life from the moment a person leaves their home—whether in transportation, electricity, or other critical infrastructure—yet they rely on protocols fundamentally different from IT systems.
He warned that the failure of a single protocol could halt an entire industrial operation. Achieving full OT Cyber Maturity, he said, remains a global challenge, especially for long-life systems—such as metro networks or banking infrastructure—that can operate for decades without updates.
“Unlike IT environments that undergo major upgrades every few years, OT systems simply cannot be updated frequently,” Dobal said. “This makes industrial control protection extremely sensitive due to its direct connection to everyday life.”
Attacks Capable of Disrupting Entire Cities
Abdelrahman Ali presented real-world attack scenarios, referring to one of the world’s most documented OT cyber incidents, where a single exploited vulnerability destroyed multiple PLC-controlled pumping motors at a nuclear facility between late 2009 and January 2010—an attack studied globally for years.
Ali warned that targeted OT system breaches can disrupt entire cities. An attacker who gains access through a single weakness in an OT network could remotely manipulate electricity, ventilation, or heating systems at scale.
Cairo ICT 2025: A Hub for Regional Digital Transformation
Cairo ICT 2025 is taking place from 16 to 19 November, under the patronage of Dr. Amr Talaat, Minister of Communications and Information Technology, at the Egypt International Exhibition Center in New Cairo. More than 500 exhibitors and a wide range of ministries, regulators, and government institutions are participating.
The exhibition features five specialized events:
PAFIX – Digital Payments & Financial Inclusion
AIDC – Artificial Intelligence, Data Centers & Cloud Computing
Connecta – Youth & Entertainment Technologies
Innovation Arena – Startup Innovation Platform
Cyber Zone – Dedicated cybersecurity zones across two locations
Participating entities include the Ministry of Communications and IT, the Central Bank of Egypt, the Financial Regulatory Authority, NTRA, ITIDA, Egypt Post, the Arab Organization for Industrialization, and Future of Egypt Authority as Guest of Honor.
Cairo ICT 2025 is sponsored by Dell Technologies, eFinance Group, WB Engineers + Consultants, CIB, Huawei, Orange Egypt, EgyptAir, Egypt Trust, Mastercard, Medar, and Fortinet, with additional sponsorship from Salesforce, Benya Group, Khazna, National Bank of Egypt, AAIB, Bank of Alexandria, Shaker Group, ICT Misr, IoT Misr, Network International, and Meinhardt.