In the past, protecting assets meant safeguarding tangible facilities and equipment, but in the age of data, IoT and AI, keeping digital assets safe has become just as vital.
In recent months, the mining industry has seen several malicious cyber-attacks against operations, highlighting a potential lack of industrial cybersecurity in Australia.
Two notable attacks in 2024 were made against Sibanye-Stillwater and Evolution Mining.
On 11 July, Sibanye-Stillwater announced that a cyber-attack had affected its IT systems around the globe, and that it had initiated containment measures in line with its incident response plan to isolate its systems and safeguard critical data as soon as it became aware of the incident.
Evolution Mining revealed that it had come under attack on 8 August, also by ransomware that impacted its IT systems. The company said that it worked proactively with external cyber forensic experts to contain the incident, with a focus on protecting the safety and privacy of its people, systems and data.
While in both cases the companies’ quick responses ensured minimal disruptions to systems and reduced the loss of private data, these attack attempts highlight a trend in cybersecurity risks in the industry that is likely to continue.
The critical nature and large scale of mining operations makes them particularly vulnerable, with potential cyber-security incidents posing significant threats to operational productivity, safety, employee privacy and future planning.
Industry operations increasingly rely on digital systems which are used to optimise productivity and minimise health and safety risks. As distributed control systems become more critical to the operation of mines, so does the need to protect these systems from interference.
A vital industry at risk
The mining industry has become a lucrative target for cyber-attacks. With such large operations – sometimes spread across multiple countries – the amount of data being shared to the cloud leaves operations vulnerable to malicious attacks.
Mining companies play a pivotal role in the economies of many nations, including Australia. By exploiting this vital industry, cyber criminals can enact major disruption across global supply chains and exfiltrate masses of data for future financial gain and competitive advantage.
Cyber-attacks can take a wide variety of forms. Some of the most concerning types of attacks for the mining industry include:
Cyber espionage
Mining companies are continuously generating valuable data. This data can be stolen for financial gain, to give a competitor an industrial advantage, or to hijack sales and mergers. As such, cyber-attackers may execute spyware and other techniques in a cyber espionage campaign to gather that information.
Supply chain risks
Attackers can leverage attacks on other parties in a supply chain to gain a backdoor into a mine operator’s corporate network. Third-parties, such as contractors, with poor security behaviours can be a significant threat, even to companies that are well prepared for a direct attack. For example, a connected contractor may allow a virus to migrate into the mine environment and shut down operational control systems.
Phishing
This is the leading source of malicious attacks across all industries. Phishing typically comes in the form of emails that contain malware disguised as innocuous links or attachments. The goal of such an email is to acquire the credentials of a system’s user, thereby getting a foothold into the corporate network and subsequently, operations.
Protecting digital assets
A holistic approach to asset protection requires companies to extend their defences to include company data and cyber assets. Building robust, proactive security systems, as well as providing quality cybersecurity awareness training for all staff, is a key step on this journey.
Investing in active defence systems that continuously scan for threats can ensure that potential attacks are detected immediately and can be acted upon. Regular penetration testing is also a useful practice. Professional ethical hackers can be employed to attempt to break through a security system, revealing weaknesses and allowing companies to shore up their defences.
Finally, having a thorough incident response plan can allow security personnel to isolate malicious attacks when they do occur, minimising an attacker’s access and keeping data, operations and staff safe.
Featured image: A holistic approach to asset protection includes protecting cyber assets.
Image: Song_about_summer/shutterstock.com
