Cybersecurity and the mining industry: How illegal data mining hurts the mining industry

The recent report from the international consulting and accounting firm Ernst and Young has created a buzz deep within the mining industry.

In its 2013 Global Information Security Survey, it was reported that respondents from the mining and metals industry have seen an increase in external threats, as 41 percent of survey respondents had reported at least one cyberhacking attack in the past year.

This was confirmed by Ernst and Young’s Asia Pacific Cyber Security Paul O’Rourke, who said, “The biggest threat the mining sector faces—and it is the same for utility providers and others—comes from the convergence of information technology (IT) and operational technology and the increased cyber risk that creates.”

How cyberattacks are done

True enough, one of the more major attacks reported was targeting subsea mining firm, Nautilus Minerals (TSE:NUS). Back in February 2013, the company had a standing agreement with Marine Assets Corporation (MAC), who then was building a charter vessel for the former’s Solwara 1 Project located just outside of Papua New Guinea.

During the course of Nautilus’ deposit to MAC of $10 million for the vessel’s down payment to what it knew as the shipbuilder’s account, the said amount was intercepted. As of its reporting, the matter was being investigated by both local and international authorities.

Other mining companies that have reported cyberattacks were during BHP Billiton’s bid to takeover PotashCorp as well as large-scale attacks on Fortescue Metals Group and the Australian network system of Rio Tinto. (Source)

The mining companies are very attractive to cyberhackers on many levels.  First amongst them is for financial gain, as the sector is well known to have massive cash inflows for investment purposes. Another reason may be for political motives, such as save the environment cyberactivists who seek to disrupt operations.

The problem is expected to increase exponentially in the next few years, since there is now a trend to increase automation, especially on the field. With increased focus on lowering costs, increasing productivity and miner safety, technology on the field has become the new rage. The increased use of drones and robots, both in the air and on the ground and especially underground, often using wireless technology to operate and control, would only increase the potential for cyberhacking.

Who is vulnerable?

The report further stated the most vulnerable to cyberattacks are small to mid-sized mining companies that extract strategic metals such as rare earth metals, tin and tungsten. These firms, compared to large mining companies, have lagged in increasing their security features on its systems as it now utilizes the Internet more than ever in its day to day operations.

Elliot added that the continued merging of operations technology and information technology have given a path to cyberhackers from the Internet to the heart of the mining companies operations. Many operations systems designs are, to his mind, “inherently less secure, as many old systems were not developed with security in mind.”

What is at stake?

This places Amur Minerals Corp (OTC:AMMCF) in a high state of alert especially as it is now embarking on its biggest project to date in the Kun-Manie mine located in Amur Blast, Russia.  The company is planning to utilize a large part of its operations using robots and drones as it extracts much valued nickel as well as copper from the site.

Even the White House is alarmed with the increased cyber attacks on mining firms. In a statement issued, it said, “At a time when public and private networks are facing an unprecedented threat from rogue hackers as well as organized crime as well as state actors, the President is unveiling the next steps in his plan to defend the nation’s systems.” The package, according  to sources, would be stepping up the prosecution of computer based crimes, increasing  imposable penalties as well as increased support for security measures to combat and abate cyber criminality.

What is the outlook?

The problem would still continue and even increase in frequency, according to another expert, Cisco Systems Chief Executive Officer John Chambers. Chambers said, “There is no data center or network in the world that hasn’t been hacked. If you watched the number of attacks, they’re going up exponentially this year, this year’s going to be much worse than last year.” He made these remarks in the latest Word Economic Forum held in Davos, Switzerland.

He added that very tough cybersecurity challenges now face businesses and other organizations. Often times, a breach is discovered only months after it was done, all because of an inefficient and often outdated defense system.

(Sources: 1, 2, 3, 4, 5, 6, 7)

—   

This article may include forward-looking statements. These forward-looking statements generally are identified by the words “believe,” “project,” “estimate,” “become,” “plan,” “will,” and similar expressions. These forward-looking statements involve known and unknown risks as well as uncertainties, including those discussed in the following cautionary statements and elsewhere in this article and on this site. Although the Company may believe that its expectations are based on reasonable assumptions, the actual results that the Company may achieve may differ materially from any forward-looking statements, which reflect the opinions of the management of the Company only as of the date hereof. Additionally, please make sure to read these important disclosures.