Mining companies are becoming increasingly digitised. Employees are equipped with smart devices to provide flexible access to real-time mining information systems. This also significantly extends the computing perimeter of an enterprise, potentially rendering it more vulnerable to an attack.
Meanwhile, there has been an increase in automation in very deep, underground mines where signals are hard to maintain, for measuring and monitoring production underground. While such systems are not generally connected to the internet because of the challenges associated with maintaining a connection, it might also be harder to implement manual workarounds when a system fails, causing an interruption to the business until the equipment is repaired or replaced.
Mines have become a target for a cyber or ransomware attack when they use technology that is connected to the internet. For example, an internet software may be used to monitor the efficiency of the mining process and measure output such as the amount of gold that comes out at the end of the process. Malware can be deployed, locking up an organisation’s computer systems until a ransom is paid or the entire network rebooted from a backup.
Mining companies must ensure they conduct a thorough risk review when they roll out new automating technologies. They must ensure they have adequate cyber coverage in the event of a systems outage or cyber-attack.