Cybersecurity in mining

SMART Mining Security Solutions 2024 Mining (Industry)

One does not usually associate mining with cybersecurity, but as big technology users (including some legacy technology that was not designed for cyber risks), mines are at risk from cyber threats in several areas. One area of high risk is the industrial machinery used every day that is now being connected to networks and even the Internet, sometimes inadvertently, and offers tempting targets for sabotage or ransomware from cybercriminals.

Another, arguably more modern area is the IoT (Internet of Things). Devices that provide data from every corner of a mine, from water and smoke sensors to video cameras that can produce large volumes of data, and the ability to collect and analyse this data centrally produces valuable intelligence for security, operations, and business planning. Naturally, being connected, they are also at risk from cybercriminals. After all, who thinks of cybersecurity when it comes to a water sensor?

Kyle Pillay, Security Operations Centre (SOC) Manager at Datacentrix, notes, “In today’s digital world, the evolution of the internet and the interconnectedness of everything through technologies like the internet of things (IoT) have brought about a levelling of the cybersecurity field. No particular industry is immune to cyberattacks like phishing, CEO fraud, and financial scams, and this includes the mining sector. Should a hacktivism group take umbrage against one of your initiatives or investments, for example, you will be targeted.” “Within the mining environment, the consequences of data theft and exposure would be mostly legislative, based on the regulations of the specific territory like South Africa’s Protection of Personal Information Act (PoPIA) or the General Data Protection Regulation (GDPR) in the European Union. If, as an organisation, you do not have the proper controls and measures in place, you could face fines and even imprisonment.”

The risks are particularly high within the mining environment. For example, cyberattackers could access machinery on assembly lines through IoT vulnerabilities, allowing them to change programmable logic controllers (PLCs), which control different electro-mechanical processes. Workers could be harmed should an attacker change sequences or bring lines completely to a halt. This could even be life-threatening in a scenario where, for example, an attack causes the shutdown of a heating, ventilation and air conditioning (HVAC) system.

Operational tech not designed for a short lifespan

Pillay continues that operational technology (OT) is generally manufactured to have a long lifespan. Systems were built to last 20 to 30 years and were operated in segregation and are now being increasingly targeted by cybercriminals. Historically, these environments have used the Purdue Model, a structural framework for industrial control system (ICS) security that concerns the segmentation of physical processes, sensors, supervisory controls, operations, and logistics. However, this model, developed in the 1990s, does not address some of the more modern challenges and requirements of ICS environments, such as the emergence of new, sophisticated cyber threats targeting OT systems and exploiting their vulnerabilities.

Because mining businesses now want to be able to access valuable data within their environments for reporting, there is – by default – an interconnection between IT and OT solutions. This can widen the attack surface, should the necessary controls not be in place. For instance, you may be using a computer running Windows 7 that works perfectly well for what is required, but this access point is vulnerable. The solution could be overlaying a secure network between the IT and OT environments, meaning that the equipment being run does not need to be changed, and you can still access the intelligence needed for reporting. It could even be as simple as rolling out a web application firewall (WAF) to reduce risk or using local machines to patch vulnerabilities.

“Security solutions could include management software for the OT stack, which would offer protection to some extent and also bring out key performance indicators to consider, such as potential areas of improvement,” adds Pillay. This would need to be done on a separate management layer, with virtual patching. It could be as straightforward as implementing a web application firewall (WAF), which will protect against exploits on the application layer, while still maintaining segmentation with IP and port control on the network layer, thereby mitigating IT risks to within acceptable levels.

Digital transformation security

As mines adopt digital transformation, data becomes more important and analysing data from equipment out in the field, geological surveys, etc., can provide invaluable information. What data protection solutions and processes should they be implementing? These systems also need protection, which should be designed into the solutions from the start.

“There are a number of data protection solutions and processes that could be rolled out by mining organisations to assist with the safe gathering and analysing of data from equipment out in the field,” states Pillay. “For instance, identity access and management (IAM) is key. An IAM solution would ensure that only the right people have access to devices and are able to bring data back into the environment for analysis. Multifactor authentication (MFA) is also critical here to ensure that users are not being spoofed – where an unknown source poses as a known, trusted source - or impersonated by a cybercriminal.”

Not only external threats

It is not only threat actors outside the company that pose a threat to mines. Insider threats are naturally a constant cause for concern in any industry, and the payroll departments within mining businesses are no strangers to malicious activity, from ghost workers to blatant fraud. A cybersecurity strategy must also include policies, processes and applications designed to curb insider mischief without preventing people from doing their jobs.

Pillay says data loss prevention (DLP) is critical to circumventing insider threats. DLP assists with data classification, identifying and helping to prevent unsafe or inappropriate sharing, transfer, or use of sensitive data. DLP also helps to determine data classification – identifying sensitive data– as well as the movement of said data. For example, DLP can determine whether a user is allowed only to upload to a database or if they may also email it.

Datacentrix’s cybersecurity offerings

Highlighting the security services Datacentrix offers, Pillay says, “Datacentrix offers comprehensive, end-to-end security services and solutions. This includes a cybersecurity operation centre-as-a-service, which entails threat monitoring and management, endpoint protection services, a firewall-as-a-service option, privileged access management (PAM), email security, identity access and management (IAM), vulnerability management, brand protection (dark web monitoring), and cyber advisory services.

“In addition, Datacentrix is able to assist with incident response recovery, where in the case of a ransomware attack, the organisation would carry out isolation, investigation, remediation and eradication services, as well as help businesses to restore their data. Essentially, the company’s managed services approach means that it can deliver the people, processes, and technologies needed to meet clients’ cybersecurity needs.”

For more information go to www.datacentrix.co.za


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Physical security technology trends to watch in 2025
Technews Publishing News & Events
There are some exciting developments and significant changes, some technical and some operational, taking place in the market that security professionals should be aware of as they plan for the year ahead.

Read more...
2025 Southern Africa OSPAs entries now open
Technews Publishing Editor's Choice News & Events Training & Education
Entries are now open for the 2025 Southern Africa Outstanding Security Performance Awards (OSPAs). The OSPAs are designed to be both independent and inclusive, providing an opportunity for outstanding performers, to be recognised and their success to be celebrated.

Read more...
Watermist suppression in mining
FS Systems Fire & Safety Mining (Industry) Products & Solutions
Watermist suppression systems are highly effective in suppressing flames and controlling heat spread, especially in confined spaces commonly found in mining environments, by generating fine droplets with an increased surface area, enabling rapid heat absorption and cooling during fire incidents.

Read more...
Gas detection for mining
FS Systems Products & Solutions Fire & Safety Mining (Industry)
Flammable gas detection is critical in safeguarding mining operations, where combustible gases pose significant risks. Early detection of these gases helps prevent fires and explosions, which can lead to devastating consequences.

Read more...
Fire safety in commercial kitchens
Technews Publishing Kestrel Distribution Products & Solutions Fire & Safety Commercial (Industry)
Fire safety in commercial kitchens is becoming increasingly critical. Defender is Europe’s first EN 17446:2021-approved kitchen hood fire suppression system and offers the indispensable safety measures required.

Read more...
Linear heat detection (LHD) from Technoswitch
Technews Publishing Technoswitch Fire Detection & Suppression Products & Solutions Fire & Safety
SecuriHeat LHD by Securiton prevails where conventional fire detectors reach their physical limits. It copes well with extreme temperatures and constantly high atmospheric humidity, while precise measurements are also possible when corrosive gases and contaminated air are present.

Read more...
Fire protection for a solvent extraction plant in Africa
FS Systems Fire & Safety Security Services & Risk Management Mining (Industry)
A prominent mining site operates a state-of-the-art solvent extraction (SX) plant, integral to separating and purifying metals from ores, which pose significant fire risks, as SX processes involve highly flammable organic solvents and elevated operating temperatures.

Read more...
From the editor's desk: A burning issue
Technews Publishing News & Events
      Welcome to the first publication from SMART Security Solutions devoted to the fire industry. In the BMI report, sponsored by the Elvey Group, released earlier this year, fire was the smallest component ...

Read more...
Effective fire and smoke detection using cameras
Hikvision South Africa XtraVision SMART Security Solutions Technews Publishing Dahua Technology South Africa Fire & Safety
Video analytics, spurred on by advances in image processing, enhanced fire and smoke detection capabilities while significantly reducing false alarms in surveillance cameras. Today, AI has further improved accuracy and minimised false alarms.

Read more...
Itec SA rolls out My Safe Space proof-of-concept
Technews Publishing News & Events
As a My Safe Space initiative partner, Itec SA launched the endeavour's first proof-of-concept (PoC) at Jeppe High School for Boys in September 2024.

Read more...