Mining companies caught flat-footed by cyberattacks

Attackers are seeking business secrets and trying to disrupt supply chains, according to an Ernst & Young survey

Mining companies increasingly are being targeted by hackers trying to steal information and disrupt operations, as the metals industry expands its dependence on Internet-connected systems to reduce costs, according to an Ernst & Young survey.

Of the 39 mining companies that responded to the company's Global Information Security Survey, 41 percent said they faced a rising number of external threats, including cyber-incidents.

Mining companies have tended to focus on the tools of the trade, such as trucks and graders, even though IT has increasingly been used to control that equipment in the past decade, said Mike Elliott, global mining and metals leader for Ernst & Young.

"They don't see themselves like consumer organizations that hold large amounts of credit card details," Elliott said. "They're not like a financial institution sitting on large amounts of cash and security. Hence they think they're not really a target."

Safety systems and sensors are increasingly being linked to the Internet, which has saved mining companies money but created new avenues for attack, the survey found. Mining companies often don't realize how reliant they are on IT, Elliott said.

The mining sector may not have accepted that there are certain "non-negotiable infrastructure costs" associated with increased dependence on IT, he said.

The merging of operations technology with information technology has given hackers a path from the Internet to the operations systems, the report says. The operations systems become "inherently less secure, as many old systems were not developed with security in mind."

Computer security experts have warned for years that industrial control systems used by utilities, manufacturers and the energy industry are vulnerable to attacks due to buggy software and infrequent patches.

The motivations for attacks are varied. Activists alarmed by mining activities may use them to expose confidential information or create "communications mischief, such as defacing websites or triggering false announcements," the report said.

Some hackers hunt for information about business deals, while others seek to disrupt the metals markets for profit. Copper is a particularly price-sensitive metal due to tight supply, and the closure of one or two mines can cause its price to spike, Elliott said.

Having access to information about those closures before it is made public could therefore be valuable.

"If someone is taking an appropriate derivative position on the LME [London Metal Exchange], they could profit in doing so," Elliott said.

Send news tips and comments to Follow me on Twitter: @jeremy_kirk
