Cyber Security – Increased Risk In The Mining Sector

0

Rate this Article: (Be the First!)   Thanks for your rating!

More members of the mining industry are turning to automation as a way of boosting efficiency, boosting safety and ultimately boosting the bottom line.

But this new era of automation puts the mining industry at a greater risk of cyber attacks than ever before, making cyber security a key priority.

Last year, the Four Corner's programme, produced by Australian broadcaster ABC, reported Rio Tinto has in the past faced cyber attacks from China, leading to its Singapore office being taken offline for four days.

BHP Billiton also reportedly fell victim to a hacking attack while it was preparing a takeover bid for Rio Tinto, while Fortescue was said to have faced attacks at Perth and Pilbera which forced it to upgrade its security systems.

While none of the three companies named were willing to comment on the reports, the programme got the industry talking; just how high is the risk of cyber attacks for the mining sector?

Risk of Cyber Attack

Australian Attorney General Robert McClelland, speaking to Reuters on the sidelines of a security conference in Canberra, said: "There is no doubt that cyber-security threats are becoming worse.

"Without talking about specific incidents, there have been a number of reports concerning our resource companies."

While China is often named as a key perpetrator of the attacks, industry players are keen to stress it is by no means the only culprit.

Don Voelte, former chief executive of Woodside, speaking at the The Australian Deutsche Bank Business Leaders Forum in Perth, said: "It comes from everywhere. It comes from Eastern Europe; it comes from Russia. Just don't pick on the Chinese; it's everywhere."

These breaches are affecting everything from how work on major resource projects pushes ahead, to how mining companies are communicating with the government. Reports have even suggested Chinese hackers are looking at accessing pricing information being stored by mining companies.

Colin Barnett, the Western Australian Premier, was quoted by the Australian as saying: "A lot of the matters that are discussed, particularly on major projects, if nothing else they're market sensitive, so that always creates issues.

"And the companies are being careful on what they'll talk to the government about and yet they have to because there is so much to be negotiated."

Cyber Security

Mining companies clearly already have security systems in place which detect the reported - but often unconfirmed attacks - but the concerning breaches are clearly the ones companies are unaware are taking place.

Cyber criminals are creating increasingly sophisticated ways of getting in and out of computer systems undetected, whether to take commercial secrets or leave behind incriminating information, and their opportunities only become greater as more systems are networked and connected to the internet.

Last year, the Stuxnet worm successfully took control of Scada systems in at last 15 facilities around the globe, marking a new chapter in the abilities of cybercriminals.

Symantec noted: "The Stuxnet attacks were the first ones that specifically targeted ICS (industrial control systems). This is significant because it is an actual event of what was formerly just a plausible scenario."

United States authorities have already sent out warnings to utilities warning them about possible hacking attacks using simpler Stuxnet-style virus, which attacks factory processes, and new developments mean the mining industry could be receiving similar warnings some time soon.

PSI Production earlier this year revealed its PSI mining product, described as world first with the "all important mine operation processes and sub-processes... integrated into one central factory-level SCADA."

The company said its new system presents "previously unknown possibilities" for automation, and all its associated benefits.

But with high-level players acknowledging the increased risk of cyber attacks and taking control of Scada systems now a reality for hackers, in the future mining companies will be forced to balance the advantages of technology with the risks and invest in their cyber security accordingly.

Find this article interesting? Check out similar content at our Mine Site Automation and Communication Download Centre.