KALGOORLIE (miningweekly.com) – The Australian Security Intelligence Organisation (ASIO) and the Australian Signals Directorate (ASD) have warned that Australian miners are currently being targeted for cyberattacks.
ASIO said on Tuesday that a successful compromise of a network provides cyber operators with a range of opportunities, from extortion and ransomware through to theft of intellectual property and sensitive market and commercial contact arrangements.
“Cyber operators are known to conduct online research into individuals who are publicly linked to specific industries. They usually conduct this research by accessing organisational websites, news articles and media releases, but can also conduct more targeted research through online social media platforms. They use this information to identify more individuals of interest, and to assess what level of access and insight an individual is likely to have into their specific industry.
“In addition, cyber operators will look for publicly known vulnerabilities on external-facing websites in order to compromise networks,” ASIO said in a statement.
Advisory firm PwC earlier this year warned that as reliance on autonomous and digital technology grows, so too did the risk of cyberattacks for the mining industry.
“As technologies become more interconnected, the potential cybersecurity threats and attack vectors are growing. The consequences of these threats can be severe, resulting in production and revenue losses, regulatory fines, reputational damage, as well as the shutdown of critical infrastructures," PWC said.
The advisory firm noted that the mining sector has been quick to adopt autonomous vehicles, remotely controlled excavators, WiFi-based site location tracking and smart adaptive ventilation systems while the manufacturing sector uses smart technologies for optimisation, quality checks and widespread systems controls. Cyber risks to these devices generally remain unknown and therefore unaddressed by organisations.
PwC noted that the Covid-19 pandemic has served to exacerbate the project, noting that in the first six months of 2020 the manufacturing industry had seen a dramatic increase in intrusion activity with at least an 11% increase in network attacks compared to the same period in 2019.
In 2020 alone an estimated 70 cybersecurity incidents targeted the Australian mining and resources sector. This escalation was not only in terms of sophistication but also in terms of the types of threat actors entering the space of attacking the sector.