Miners face rising threat of cyber-attacks

MELBOURNE Wed Nov 20, 2013 8:13am EST

Related Topics

MELBOURNE (Reuters) - Miners are becoming increasingly vulnerable to cyber-hacking as they slash costs, automate equipment, rely more on the internet, and run mines from hundreds of kilometers away, a survey of nearly 40 mining companies has found.

Threats can come from criminals looking to make money from supply disruptions, rivals hunting business secrets, governments and state-owned firms looking for a leg up in contract talks, and political and anti-mining activists, according to a report by Ernst & Young.

More than 40 percent of metals and mining companies in the survey experienced a rise in external threats over the past 12 months.

"Criminals are attracted to the sector because of the massive cash flows," the advisory firm said in its report.

The most vulnerable miners are small to mid-sized companies who produce strategic metals such as rare earths, tin and tungsten, rather than the mega miners, who have tightened security in their systems over the past few years.

"The big miners have more sophistication in their risk management systems and probably have already experienced some degree of hacking activity in the last couple of years. For them it's a real life battle," said Mike Elliott, Ernst & Young's global metals and mining leader.

Back in 2009, former BHP Billiton Chief Executive Marius Kloppers told a U.S. diplomat in Melbourne he was worried about espionage by China and competitors like Rio Tinto, according to a report on a diplomatic cable released by WikiLeaks.

Elliott said one fairly large miner was hit by a cyber-attack in the past two years which it detected only by accident when it was examining the reliability of a piece of equipment in its supply chain.

The company discovered coding in the software for the equipment had been changed with an unauthorized amendment.

"It was designed to cause a problem that never eventuated because they picked it up," Elliott told Reuters. He declined to name the company that was targeted or where it was located.

"There are a lot more victims of this sort of activity than would be reported, because people don't like to talk about when these things are detected," he added.

Iron ore miners are so aware of threats that one large producer requires staff to remove the batteries from their mobile phones at their most sensitive meetings, a person familiar with the company told Reuters.

Smaller miners are more vulnerable to cyber-hacking because they don't see themselves as targets, and as they look to cut costs they are increasingly using web-connected technology and automated systems which could be infiltrated.

Web sites are easy targets for political and social activists, or hacktivists. A hacker defaced and blocked access to rare earths producer Lynas Corp's web site last year as part of a campaign against the opening of a processing plant in Malaysia.

Lynas has since moved its web site in-house.

"It was a wake-up call for us to bring the web site under the control of IT and have them secure it in the same way as our internal networks," said Gillian Kidson, Lynas Corp's general manager of IT.

(Reporting by Sonali Paul; Editing by Richard Pullin)

FILED UNDER:
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (1)
Mylena wrote:
The miner industires ruin environment, and people’s life that lives around the mines!!!!! So, who is the one treatened? people risking their lives.

Nov 20, 2013 12:17pm EST  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.