Cyber criminals have yet to target mining in a big way, but it will happen. E&MJ looks at some of the threats and what operators can do to mitigate them.
If this article had been written even 10 or 15 years ago, the chances are that its focus would have been almost exclusively on physical security — what mining companies might need to do to protect their operations (and output) from trespass, vandalism and old-fashioned robbery. Today, however, security has a new dimension, and while physical threats remain just as real as they did in the 1990s — or the 1890s, for that matter — the rapid growth of cybercrime has brought a whole new area of concern.
Is the industry as worried as it should be? In all honesty, that is difficult to say in a broad-brush way, but to put things into context, within the past two years, a magazine from another publisher that covers the oil and gas pipelines industry has carried no fewer than 10 articles on cybersecurity. This author, for one, cannot recall having seen anything carried in the mining publications that are circulated internationally.
On this admittedly simplistic basis, it might appear that cybersecurity is something that the mining industry has yet to come to grips with, at least in comparison with other resource sectors. Clearly, the oil and gas industry has had an additional spur to smartening up on how to combat the new threats, simply because its products are both highly flammable and — when spilt — cost a lot to clean up.
And the cyber criminals already have “form,” having demonstrated their capabilities when it comes to damaging oil-transport infrastructure — maybe. According to a report carried by Bloomberg in December 2014, investigators from Turkey, the U.K. and elsewhere concluded that an explosion in 2008 that put the Baku-Tbilisi-Ceyhan (BTC) pipeline out of action for three weeks had been caused by a cyber attack.