OREANDA-NEWS. August 15, 2016. In the new research paper “Cyber Threats to the Mining Industry” Trend Micro examines modern mining industry practices and processes, and identifies vulnerable gaps that threat actors might be able to exploit. The reasoning and motivations of a variety of threat actors are also analyzed. This paper gives a general view of the weaknesses existing in a sector that doesn’t seem the most intuitive target at first glance.

The mining industry is under threat from cyber attacks aimed at exploiting its strategic position in global supply chains.  Very targeted and highly coordinated, the attacks are launched by a broad set of attacker groups ranging from hacktivists to hostile governments and organized criminals. These groups have learned how to leverage the significant role that mining commodities play in regional and global supply chains and for national economies, and know how to exploit the vulnerabilities that mining companies are exposed to due to heavy reliance on integrated and automated systems.

Trend Micro finds three clear factors that explain its relevance.

  1. Increasing and continued importance of commodities as traded entities on international markets
  2. Reliance on natural resources for economic development
  3. The need for countries to benefit from their own mineral deposits

The mining industry is both a geopolitical and an economic target. The threat actors behind foreign cyber espionage campaigns are increasingly interested in learning about governance policies, decisions, and decision-making processes of corporate executives but also in trying to gain a competitive edge by disrupting the advantage of a competitor.

One of the main reason for cyber attacks are attempts to find internal data. Having insider information about a mine’s pricing data can help a competitor hijack a sales deal by outbidding the competition, or a buyer negotiate a better purchase price. Customer information is another prime target for data theft. Competitors can use the stolen customer information to hijack future sales. This is the type of critical information that threat actors are after.