Do you think that understanding the cyberthreats the mining industry faces will be helpful for you and your organization’s security? Unless you work in mining, the odds are your answer to the question is a quick “no.”
That’s understandable. For most people, mining is an industry that barely registers. Mining conjures up images of men with coal-blackened faces in late nineteenth or early twentieth century clothes.
In the early part of the twenty-first century, it’s surprising to realize that mining is still out there at all.
But mining is still one of the most critical and strategic industries out there, especially in the twenty-first century.
The computers and smartphones you’re reading this on are driven by mining. The coal that fires many of the power plants that give you the electricity your smartphone (with the bad battery life) needs comes from mining. The gold and silver and other precious metals that are inside your computer and devices also come from mining. Far from being an industry of the past, mining is a keystone industry of today and of the future. It’s just that we don’t realize it’s still there.
Not only is mining still an important industry, it’s a strategic industry, much like oil. Just like oil, mining is about accessing and controlling raw materials and resources that nations rely on. Mining isn’t an industry that makes widgets you can live without; mining is an industry that controls resources that can allow nations to thrive or make them starve.
And while we may have a nineteenth or twentieth century image of mining in our heads, mining is very much a twenty-first century industry now. That means it’s using the latest technologies. And those technologies are connected to the Internet.
And that means the mining industry is under cyberattack.
We don’t hear much about mining industry cyberattacks in part because people don’t think about mining, for the reasons I outlined already. But the mining industry doesn’t talk about the attacks they face either. That’s natural: no industry wants to draw attention to the attacks they face. But they are under attack and it is important to understand the threats and attacks this industry faces.
It’s important first for the industry itself. Information sharing and coordination is always helpful when it comes to cyberattacks. Compare financial services, which has a robust and mature information sharing program, with retail, which has practically none. Mining is a brutal, competitive industry where distrust runs very high and information is what makes or breaks companies. So there’s little incentive to share information around attacks with peers and competitors. While understandable, that’s unfortunate: it gives the attackers the advantage.
Understanding the cyberthreats mining faces is also important for everyone. Mining represents a strategic industry, which means that it faces the full spectrum of threat actors: nation states, cybercriminals, hacktivists, industrial spies and disgruntled insiders. Except maybe for the oil industry, no other industry sits so squarely at the cyberthreat crossroads as mining.
Up until now, though, it’s been nearly impossible to get a handle on the threat landscape mining faces. With the publication of our latest report from our Forward-Looking Threat Research Group (FTR), “Cyber Threats to the Mining Industry,” we’re able to give a view into the threats that mining is facing.
This report is based on our research, including research with those in the mining industry. We outline very specific threats and threat scenarios that mining faces. Our research shows that mining in particular is facing serious cyberthreats targeting intellectual property and information. Our research shows that this information is sought by threat actors for outright theft of useful competitive information, as well as for use in some market manipulation schemes.
These market-focused attacks in particular show signs of being a leading edge in corporate espionage cyberattacks. They represent an intelligent and integrated use of cyberattacks as part of a broader attack plan.
You may not have thought much about mining as an industry under attack before, but you should look at it as an incubation lab of some of the threats other major industries may be facing in the near future. One lesson we’ve learned over the years is that no successful cyberattack strategy or tactic remains contained within a single industry or space for very long. What happens in the mining industry won’t stay there for long. Aerospace, energy, healthcare, manufacturing; all these critical industries can and will face these same threats and attacks eventually. Looking at what’s happening in mining is a good way to get ahead of the attackers. In this way, mining really is the canary in the cage when it comes to cyberattack directions.