Cybersecurity in the mining industry: the past, present, and future of combating cyber risks

The cybersecurity landscape is complex, sophisticated and evolving rapidly. In 2022, there were 76,000 cybercrime reports, equivalent to 1 report for every 7 minutes^1.. No industries were spared by hackers, with parties impacted ranging from Optus, Medibank and Canva, to the Australian National University and the Australian Parliament House.

Recent attacks have raised significant concerns regarding the online security of major companies, most notably the September 2022 Optus attack, and the October 2022 Medibank data breach that affected at least 2.5 million users and 9.7 millions customers respectively.

Despite the mining and metals industry being ‘physical’ in nature, it is not immune to such attacks. Quite the contrary, physical infrastructure presents targets that have the sort of high value impact that makes ransom attractive. The 2022 attack on Europe’s largest copper producer – Aurubis, and the 2023 attack on Canadian Copper Mountain Mining, exemplify this.

Fuelled by monetary gains, and in certain occasions, to obtain sensitive information, the incidences of cyber threats are growing rapidly, an increase of 13%² from the previous year. As mining companies adopt cutting-edge technologies, they inadvertently position themselves as targets for extortion. The consequences can be detrimental, ranging from significant financial or confidential information loss to workers safety concerns.

Past events in the mining industry

Cyber-attack cases in the mining industry have been reported as far back as 2010³. It was alleged that mining giants BHP, Rio Tinto and Fortescue were victims to corporate espionage from hackers.

Financial loss is a key consideration for mining companies when it comes to cyber-attacks. This is emphasised in the 2021 large-scale attack targeted at Weir Group – a global supplier in the latest minerals excavation and processing technology. The attack remains as one the most advanced breaches in recent years, with an estimated loss of around £5 million. The incident serves as a warning sign for global mining companies to restructure their approach to cyber risks and develop more secure preventative measures.

The State of Play’s 2020 Cybersecurity Report⁴ explores the significance of cybersecurity issues in the mining industry, raising this concern as a strategic consideration over an operational one. When asked ‘What are the most impactful consequences from cybersecurity risk for your company?’, 28% of respondents believed it would be financial loss.

Future: how can AI technology alleviate the stress of cyber attacks?

With an increasing reliance on technology, mining companies are shifting towards automation and digitisation to best aid them in their operations. In 2019, 38.4%⁵ of users in the Australia mining sector were targeted with malicious emails. And in 2020, there was also an estimated count of 70 cybersecurity incidents⁶ targeted towards the mining industry.

Going forward, the industry needs to take a strategic approach to cybersecurity. Technology needs to be countered with technology, and in this instance, cyber-attacks need to be countered with artificial intelligence (AI). In the State of Play’s 2020 Cybersecurity Report, when asked ‘What technology trends do you believe will have the biggest impact on cybersecurity over the next 10 years?’, 29% of respondents answered artificial intelligence and analytics.

In addition, major technology powerhouses, such as IBM, have been actively promoting their AI cybersecurity advancements. The complex nature of cyber-attacks means that advanced counteractive measures are required. By adopting AI cybersecurity solutions, companies can experience a range of benefits, such as the ability to consume billions of data continuously, analyse threats in a rapid manner and eliminate time-consuming tasks. AI technology assists organisations throughout every phase of a data breach, including before, during and after to provide rapid insights.

For example, the IBM QRadar SecurityIntelligence Platform⁷ provides an integrated analytics solution to cyber threats. Before an attack, the AI technology can detect anomalies and identify attack behaviours to notify the organisation of a possible threat. In the unlikely event that a data breach occurred, the technology can help organisations in understanding the full scope of the attack through automated root-cause analysis. The aftermath of a cyber attack can be assisted with AI, meaning that the technology is able to continuously develops detection mechanisms through the lessons learnt from the attack. Furthermore, it possesses the ability to adopt new models to increase its accuracy in responding to future breaches.

The rising cyber risk scene: where to next?

As technology continues to evolve, other counteractive measures, such as the JDS technology⁸, provide an alternative to prevent cyber attacks. This technology focuses on monitoring sensors in industrial control systems to detect abnormalities and prevent inoperability. Mining engineers can benefit from this technology to identify key concerns in a time-effective manner and implement any changes if required.

Using these technologies will require a strong commitment from mining companies in securing their online information systems. Cybersecurity will always remain a top concern for organisations, and it is our job to treat it as a shared responsibility to maintain a secure system. With advanced technologies, the cybersecurity landscape is set to witness massive changes in the long-term. Mining companies are encouraged to take a proactive approach to cybersecurity solutions to prevent workers safety impacts, loss of sensitive information and damages to operating systems.

The major considerations and drivers for cybersecurity in mining and the emerging pathways forward.

2020 Cybersecurity

Download the full report