Automation in mining has proved to be an attractive proposition for the industry given its potential benefits. With this new trend comes a cautionary tale of the limits and risks behind new and existing technologies, notably in regards to Cyber Security.
In a little more detail, the role that Cyber Security has to play within mining automation could be protecting confidential or valuable information or restricting access to mechanical systems among many other elements of an operation that require strict control and management. Automated systems that are compromised pose a safety and security risk to both the human and logistics of mining organisations.
Automation also demands the use of technology to streamline operations and deliver efficient results.
Technology in automation relies on computers. Computers are everywhere and inside most of the things we use on a day-to-day basis.
As we network these computers, we create additional paths of access that were previously unavailable to cyber criminals.
The Internet of Things (IoT) is the network of devices, electronics, software and other objects such as fridges, TVs and even mining equipment. Many of these computers lack the processing power to contribute to larger attack networks and some pose a risk in other ways such as providing a loophole into stronger segments of a network or simply being taken offline.
Other networked equipment or systems place a more crucial role and must be protected to avoid catastrophe. Specifically in mining, robots and other tools have the potential for physical damage or operation downtime. Without taking precautions against unwanted intruders into a network, an organisation is leaving its doors open enough to allow for problems that could have been avoided.
It is evident that cyber-crime is affecting the mining industry. Malicious network security events are growing in number as they prove to be effective business models for attackers. Mining executives have increased awareness of the benefits of establishing security infrastructure best practices as well as educating internal teams to minimise vulnerabilities and the risk of being breached. That being said, this awareness is still developing to a point of industry-wide understanding and willingness or ability to take action.
The Australian Government is in the process of reviewing mandatory data breach disclosure laws as similar laws have already been established in other countries such as the United States due to major breaches of customer or confidential information and systems.
We’re also starting to see attacks on utilities with the recent hacking of Ukraine’s power plant resulting in major power blackout for several hours. Mandatory data breach disclosure laws in Australia will require additional efforts from all organisations to improve the security of their information as well as their ability to monitor and report on the flow of information both internally and externally.
It is recommended that organisations establish a layered approach to security to mitigate the risk of being affected cyber-attacks.
This requires the use of several highly effective security systems working cooperatively to stop threats at different stages of an attack. Some threats are sophisticated enough to bypass general security systems such as Anti-Virus, Intrusion Prevention or Anti-spam before being detected and quarantined by additional systems such as an Advanced Malware Detection provider.
Alternatively, they may be able to bypass several security systems before being detected and managed by another part of an organisation’s defences.
This is often referred to as the “Cyber Security Kill Chain”.
Other examples of potential threats may be an email from a trusted employee such as a Vice President sent to an employee requesting critical or sensitive data. This is labelled as being a Spear-Phishing attack that directly targets individuals to gain access to an internal system, or larger organisation through a trusted supplier. Without training for scrutiny and awareness, most employees are vulnerable to these socially sophisticated attacks and can cost organisations considerable amounts of resources to resolve issues arising from a breach.
Additionally, a key element in effectively managing network security is visibility of activity on a network. To do this, detailed network monitoring tools are an essential part of implementing layered security solutions and managing network issues.
Some mining operations do not have the scale and resources to justify significant spend on an IT department and several appliances or services to provide effective layered security. Small and midsized organisations are now the preferred targets for cyber criminals given that they are easier targets than larger organisations.
As a result, it is recommended that these organisations utilise a single Unified Threat Management appliance that leverages several top-performing security suppliers to minimise cost and management requirements, whilst delivering enterprise level security protection.
*David Higgins is the regional director, ANZ, for WatchGuard Technologies, Inc. an integrated, multi-function business security solutions company.