The COVID-19 pandemic has brought a wave of Industry 4.0 technologies to the forefront of the mining industry.
With travel restrictions being a recurring theme over the past 12 months, mining companies have been forced to adapt.
During the pandemic, miners have adopted technologies that allow for remote operation of activities on site via the internet. And like any device connected to the internet, ‘smart’ mining technologies carry cyber security risks.
A cyber attack on a mining operation could potentially derail productivity and cause huge issues for the entire operation.
ASG Group has provided IT solutions and services to multiple industries since the company was founded in 1996.
For mining, this includes digital transformation services that boost returns on investment, support for enterprise applications like SAP, Oracle and Microsoft, as well as consulting services throughout the transformation journey – including cyber security services.
The company can also assist with sustainability goals through cloud migration, automation and process optimisations.
ASG Group national security lead Adam Misiewicz says the mining industry has grown more open to the adoption of autonomous technologies to support the productivity and efficiency of operations.
“Mining today relies on interconnectivity and autonomous technologies to collect, process and fuse data – essential to support a wide range of decision making such as how to optimise production,” Misiewicz tells Australian Mining.
“Remote sites and thousands of devices all running on shared technologies over wireless connectivity can present vulnerabilities – any weaknesses can open up opportunities for hackers and other malicious threats.”
These threats include espionage, insider threats and ransomware, which can all result in significant financial losses for a business.
“This is where experience with technologies, best-in-class expertise, and strong implementation is so important in mining,” Misiewicz says.
“The spotlight is often on mining and resources companies to prove they are being socially responsible – cyber security plays a huge role in this.”
For Misiewicz, two major challenges for cyber security are common in the mining industry.
This industry’s focus on legacy systems with a hesitation to patch or upgrade due to downtime and weak access controls, such as identity management and encryption.
“The combination of both creates significant vulnerabilities, which if left exposed, can be used to create damage,” Misiewicz says. “This is where ASG can help.”
As an IT provider for enterprise and government organisations, ASG Group is experienced working with critical environments and infrastructure.
“Today, we have security specialists located around the country performing services related to cyber risk and compliance, cyber defence and managed security services,” Misiewicz says.
“We are one of the few providers that delivers its security services from local shores using sovereign capabilities to support our national security, bolstered by partnerships with leading security software and service vendors.”
Digital technologies in a mining environment are often connected to complex and hazardous machinery.
If remote access to these machines is not managed correctly, serious injuries can occur.
“Interconnectivity, the cloud, digital technologies (IoT, mobility, 5G) and the interaction between these elements creates its own risk,” Misiewicz says. “And in mining, if things go wrong, the consequences may be a matter of life and death.
“This absolutely elevates the need to understand risk across the entire business, with a view to implementing controls that reduce risk to the lowest possible acceptable level.”
Misiewicz recommends that miners re-assess their investment strategies and consider optimising their processes, while considering tools that take advantage of their digital environment.
“Cyber threats today are indiscriminate and impact just about every single sector. The impact of a successful attack today is magnified because of all this connectivity,” he says. “This can lead to operational, reputational financial damage and can impact customer or consumer confidence.
“Due to the most prevalent threats in this industry – ransomware, phishing, insider threats, espionage – it is everyone’s responsibility to play a role in reducing these threats.
“It’s a business problem, not an IT one and each one of us should be educated in how to recognise the early stages of an attack, or how our actions leave us vulnerable.”