Many businesses view cyber security as an IT problem. This is understandable in some sectors, such as the mining industry, where IT spending is marginal compared with overall business expenditure. However, the use of technology is growing at every level in the mining sector, from drilling through to transportation and at corporate headquarters. As such, technology is becoming intrinsically linked to successful operations and the management of key information assets, leading to businesses being exposed to new forms of security threats.
More technology = more opportunity = more risk
Companies are holding increasing amounts of data and their computer systems and employees are becoming more interconnected, which opens up new avenues for attacks.
Mining operations and assets are increasingly connected.
The use of process control networks (PCNs) to monitor and control industrial infrastructure and processes is widespread in the mining sector. Traditionally, PCNs were considered relatively low risk from a cyber security perspective, as they were isolated from enterprise networks and could only be accessed onsite by mining staff. This is no longer the case, as in many businesses modern PCNs are fully integrated into company-wide networks, allowing staff to manage assets remotely. For example, minesites typically use either local or remote systems connected via the PCN to monitor, control and manage a range of environmental controls (e.g. air flow and circulation, detection of flammable or harmful gases, machine temperatures). If any one of these systems were targeted, it could lead to an increased risk of injury, or site and machinery damage.
Companies are holding increasing amounts of data electronically.
The amount of commercially sensitive R&D data, blueprints and intellectual property that companies store electronically is increasing rapidly. A cyber attack exposing these, as well as financial data or market intelligence, could damage a company’s competitiveness. Over the last couple of years several high-profile mining companies have reported that their senior executives suspected they were being targeted for commercial espionage.
The world is becoming more interconnected.
As businesses grow and mature, they are more likely to adopt innovative communication technologies. At the same time, boundaries are being blurred between what is considered inside and outside an organisation. Company devices, such as laptops and tablets, are increasingly being used for personal purposes, while social media is being used more professionally, exposing companies more to cyber attacks. Mining companies are no exception in this regard.
Attacks are getting easier.
With malware readily available and accessible at record low prices, orchestrating cyber attacks is getting cheaper and easier, while the impact of such attacks is becoming more powerful. At the same time, attackers are becoming increasingly sophisticated.
New forms of attack
Attacks can vary greatly depending on the attacker’s sophistication and determination.
The least sophisticated forms of attacks are committed accidentally or by malware. These could include phishing (email scams to obtain personal data), spreading of trojans (email or browser-based attacks where the target accepts the virus and launches it on their computer) or computer worms. Most companies would have experienced these at one time or another.
“Hacktivism” – or the use of computer hacking to promote political ends or social change – is also becoming more prominent. The mining industry has always faced challenges from political groups, activists, environmentalists and lobbying groups and has had to learn to deal with traditional forms of protest from these groups. However, many of these are now using cyber attacks to target mining organisations and are thus able to cause higher levels of disruption. For example, as part of a campaign initiated against companies accused of being responsible for “destroying nature and ancient cultures,” a well-known hacker group has breached several company websites and leaked large amounts of sensitive data that reportedly included investor details, as well as company records.
State-sponsored cyber warfare has also been on the rise in the past few years. Miners have to negotiate and operate in a wide variety of geographies and with a broad range of parties, from suppliers to governments. Recent evidence suggests that a number of miners have lost legal and financial information, as well as deal, asset or IP data through cyber attacks that security experts classify as industrial espionage. The techniques being used have also become much more sophisticated, often exploiting “zero-day vulnerabilities” for which traditional security technologies have little or no defence. There is also increasing evidence of specific targeted attacks against organisations that demonstrate a military level of reconnaissance, planning, infiltration and exfiltration. By the time a company becomes aware that it has been attacked, it is often too late.
What can companies do?
Companies need to understand the value of data to their organisation. What loss or damage would the unauthorised access or theft of company data cause? Is the organisation doing enough to protect its competitive advantage?
Making a company resilient to cyber crime should start at the top. Senior management needs to understand risks so that they can develop a strategy capable of managing sophisticated cyber threats.
Miners continuously need to improve their processes and technology to protect investments, reduce exposure and react in real time.
Finally, senior management also needs to raise awareness of cyber risks throughout the organisation. This means continuous education programmes so that employees can spot, report and thwart targeted attempts.
Mike Maddison is the partner with responsibility for leading Deloitte’s Security & Resilience services in the UK and EMEA. This article was first published in the September issue of World Coal.
Read the article online at: https://www.worldcoal.com/coal/15102013/cyber_security_in_the_mining_sector_130/