Spotlight Feature Articles CYBER SECURITY | Page 3

people who are meant to control the Industrial IoT solution can);
- “Secure execution environments (so that the environment used to control the solution is difficult to access for bad actors);
- “Encryption (so that data is difficult to interpret);
- “Validation between the end point (eg a sensor) and the gateway (so that no sensors can be spoofed and used as a way into the network), and;
- “Two-tier authentication between the gateway and the orchestration platform (again, this means that only the right gateway is talking to the orchestration platform and wherever the data is going).”

He concluded: “Essentially you need everything checking that everything else is supposed to be there, all of the time!”

How much these systems cost depends on the starting point of the company in question and the end goal in terms of cyber-security measures, according to EY’s Rundus.

“Most organisations that have a low maturity find that there is a need to uplift cyber capabilities over a three-to-five-year period, where foundational or basic controls are prioritised and implemented in the first 12-18 months.

“The order of magnitude for a cyber transformation programme can range between $3 million-$6 million for a small organisation, and $25 million-$30 million for a large and global organisation,” he said.

Focus areas

Regardless of budgets, Inmarsat’s Carr thinks there are two key threats mining companies should be aware of.

“The most obvious attack vector is ransomware, with two main areas of focus being processing and production,” he said.

“The best example of this would be a hypothetical scenario of a malicious actor accessing a plant control network or an autonomous network and simply encrypting the control system until a fee is paid.

“This is a classic ransomware attack and something which goes on almost every day in a range of industries but is rarely reported publicly.”

The other side of the threat is physical damage to systems, as seen with the Stuxnet attack in 2010 or the Triton malware attack in late 2017 targeting industrial safety technology, Carr said. “Attacks such as these could occur at almost any stage of a mining operation.”

Mining companies should also be aware of the distinction between “white noise” and “targeted attacks”, ABB’s Schierholz said.

“I typically differentiate between targeted and sophisticated attacks – the black swan risks: rare, but catastrophic – and the white noise of any software-based system of non-trivial complexity – those broad, undirected attacks against any user of networked computer systems such as WannaCry or NotPetya. Both categories of attacks can have severe consequences on an industrial operation. The white noise, which happens day-in, day-out, can be protected against by fairly basic security hygiene. The sophisticated targeted attacks may not be first priority, especially for smaller operations.”

Symantec Corp recently introduced Industrial Control System Protection (ICSP) Neural, the industry’s first neural network-integrated USB scanning station aimed at helping organisations protect critical infrastructure from the physical consequences of cyber attacks.

ICSP Neural uses artificial intelligence to prevent known and unknown attacks on IoT and operational technology (OT) environments by detecting and providing protection against malware on USB devices, Symantec says. It scans, detects USB-borne malware, and sanitises the devices, according to the company.

“Existing ICSP deployments have shown that up to 50% of scanned USB devices are infected with malware,” Symantec says.

OT is mission-critical in industries such as energy, oil and gas, mining, manufacturing and transportation, but legacy systems are often outdated and nearly impossible to secure with traditional end-point security, according to Symantec.

“Companies have typically relied on un-scanned USB devices to update these systems, increasing the potential for malware infection and targeted attacks.

“The threat of cyber warfare – including physical damage and personal safety – is very real and the consequences are potentially devastating. Despite this, the industrial control systems that power critical infrastructure often run on outdated Windows systems leaving them vulnerable to both known and unknown threats.

“For example, the infamous Symantec-discovered Stuxnet worm used USB-based malware to manipulate centrifuges in Iranian nuclear plants – ultimately sabotaging a key part of the country’s nuclear programme.”

Simplifying the scanning process is critical to overall security hygiene, as operational technology environments are often in remote areas or field operations, far removed from an organisation’s IT teams, Symantec said.

“As such, the ICSP Neural scanning process is simple, requiring no specific security or IT training. Once connected, ICSP Neural emits visualisations and real-time signals through the LED light ring that indicate when malware has been detected and sanitised,” Symantec said.

The Symantec-designed neural engine harnesses the power of Symantec’s world-class threat intelligence network to increase detection efficacy by up to 15%, according to the company. It also detects adversarial machine-learning attempts and initiates self-learning to provide protection against unknown threats.

Taking on the burden

Against a backdrop of stable-to-low commodity prices and increasing levels of digital and automated processes, many are calling for the vendors and OEMs providing these solutions to take on the burden of protection.

Drew Larsen, Director of Business Development for ASI Mining, told IM that it was reacting to its clients’ cyber security concerns.

“We are definitely active in adopting best practices and looking at measures that can keep all of our systems more secure. This will be an ongoing effort for ASI indefinitely,” he said.

ASI’s on-board hardware and Mobius software convert vehicles to autonomous operation, in the process interacting with various streams of data from the OEM, mining company, predictive maintenance software providers, etc. As a result, it already equips its systems with layers of protection, according to Larsen.

“There are some practices and functionality we incorporate into our software and we are constantly adding more capabilities,” he said.

Carr said Inmarsat embeds security in “everything we do, however we are always working with industry and government to improve our security offerings”.

He added: “We have our own cyber-security capabilities as well as a 24-7-365 cyber-security centre based in London next to our satellite Network Operations Centre, and we are consistently recruiting and training staff to ensure we have the most advanced cyber-security capabilities in the industry.”

ABB, as a provider of process control and automation systems, also offers layers of protection for clients, according to Schierholz.

“As far as our scope of supply for a typical mining automation system is concerned, we can provide our customers with a security solution for that entire system,” he said.

The company has a mining reference too. Boliden had been using ABB’s 800xA process control system in its process plants for some time and, looking to harden its existing cyber

JANUARY 2019 | International Mining