Ernst & Young recently conducted a Global Information Security Survey for 2013-2014 concluding that mining and metals companies have emerged as priority targets for cyber criminals.
The report, which analyzed information from 1,909 respondents from 144 countries, attributes this trend to mining and metals firms’ susceptibility to attack. Specifically, centralizing business functions requires increased and more sophisticated IT systems and network infrastructure, which increases an entity’s “exposure to, and dependence on, the Internet.”
These threats, according to Ernst & Young, are compounded by the intelligence and surveillance activities of sovereign states.
The objective may be the passive collection of commercially sensitive intelligence to assist national or state-owned companies in contract negotiations. However, the possibility of it being more sinister, with the use of malware to incapacitate important facilities (made infamous by the Stuxnet attack on the Iranian nuclear facilities), should not be ruled out. It is worthwhile considering the impact of disabling a remote operations center that controls trucks, drills, trains, ship loaders, mills or concentrators, or even the individual physical equipment being disabled.
Leave a Reply