Last month, Weir, a major supplier to the mining industry, was the victim of a crippling cyberattack that forced it to isolate and shut down its core IT systems, including enterprise resource planning and engineering applications.
The resulting disruptions included engineering, manufacturing and shipment rephasing, which resulted in revenue deferrals and overhead under-recoveries. The operating profit impact of Q4 revenue slippage is expected to be between $13 to $27 million for 12 months.
Cyber security was a growing threat for miners long before the pandemic – it was listed among the top 10 business risks and opportunities facing mining and metals for the last two years, according to a 2020 EY report.
“The world’s leading mining companies are now unanimous in reporting that cyber threats are a principal risk to them achieving their goals,” according to a Marsh report, Cyber Risk: Threats and Insurance Protection for the Mining Sector.
“The use of networked systems has progressively increased across all aspects of mining operations, from exploration and extraction, through processing and logistics, to sales and marketing – while a range of cyber-attacks on the sector and industry at large have stimulated concern,” the report reads.
Before cyberattack became a buzzword, David Masson, director of enterprise security at AI cyber security company Darktrace, was working in security and intelligence environments in the UK and Canada across civilian, military and diplomatic circles, having held management positions at CSIS, a division of Public Safety Canada, the UK Ministry of Defence and Royal Auxiliary Air Force.
“Ransomware has been around for a long time, but has become more prevalent since about 2015 – the reason is, it’s an easy attack to monetize,” Masson told MINING.COM. “What ransomware can effectively do is encrypt data so it can’t be read any more – it can take a whole system down, from front to back.”