CYBER SECURITY
people who are meant to control the
Industrial IoT solution can);
• “Secure execution environments (so that the
environment used to control the solution is
difficult to access for bad actors);
• “Encryption (so that data is difficult to
interpret);
• “Validation between the end point (eg a
sensor) and the gateway (so that no sensors
can be spoofed and used as a way into the
network), and;
• “Two-tier authentication between the
gateway and the orchestration platform
(again, this means that only the right gateway
is talking to the orchestration platform and
wherever the data is going).”
He concluded: “Essentially you need
everything checking that everything else is
supposed to be there, all of the time!”
How much these systems cost depends on
the starting point of the company in question
and the end goal in terms of cyber-security
measures, according to EY’s Rundus.
“Most organisations that have a low maturity
find that there is a need to uplift cyber capabilities
over a three-to-five-year period, where
foundational or basic controls are prioritised and
implemented in the first 12-18 months.
“The order of magnitude for a cyber
transformation programme can range between
$3 million-$6 million for a small organisation,
and $25 million-$30 million for a large and
global organisation,” he said.
Focus areas
Regardless of budgets, Inmarsat’s Carr thinks
there are two key threats mining companies
should be aware of.
“The most obvious attack vector is
ransomware, with two main areas of focus being
processing and production,” he said.
“The best example of this would be a
hypothetical scenario of a malicious actor
accessing a plant control network or an
autonomous network and simply encrypting the
control system until a fee is paid.
“This is a classic ransomware attack and
something which goes on almost every day in a
range of industries but is rarely reported publicly.”
The other side of the threat is physical damage
to systems, as seen with the Stuxnet attack in
2010 or the Triton malware attack in late 2017
targeting industrial safety technology, Carr said.
“Attacks such as these could occur at almost
any stage of a mining operation.”
Mining companies should also be aware of
the distinction between “white noise” and
“targeted attacks”, ABB’s Schierholz said.
“I typically differentiate between targeted
and sophisticated attacks – the black swan
risks: rare, but catastrophic – and the white
noise of any software-based system of non-trivial
complexity – those broad, undirected
attacks against any user of networked computer
systems such as WannaCry or NotPetya. Both
categories of attacks can have severe
consequences on an industrial operation. The
white noise, which happens day-in, day-out, can
be protected against by fairly basic security
hygiene. The sophisticated targeted attacks may not
be first priority, especially for smaller operations.”

Symantec Corp recently introduced Industrial Control System Protection (ICSP) Neural, the
industry’s first neural network-integrated USB scanning station aimed at helping organisations
protect critical infrastructure from the physical consequences of cyber attacks.
ICSP Neural uses artificial intelligence to prevent known and unknown attacks on IoT and
operational technology (OT) environments by detecting and providing protection against malware
on USB devices, Symantec says. It scans, detects USB-borne malware, and sanitises the devices,
according to the company.
“Existing ICSP deployments have shown that up to 50% of scanned USB devices are infected
with malware,” Symantec says.
OT is mission-critical in industries such as energy, oil and gas, mining, manufacturing, and
transportation, but legacy systems are often outdated and nearly impossible to secure with
traditional end-point security, according to Symantec.
“Companies have typically relied on un-scanned USB devices to update these systems,
increasing the potential for malware infection and targeted attacks.
“The threat of cyber warfare – including physical damage and personal safety – is very real and
the consequences are potentially devastating. Despite this, the industrial control systems that
power critical infrastructure often run on outdated Windows systems leaving them vulnerable to
both known and unknown threats.
“For example, the infamous Symantec-discovered Stuxnet worm used USB-based malware to
manipulate centrifuges in Iranian nuclear plants – ultimately sabotaging a key part of the country’s
nuclear programme.”
Simplifying the scanning process is critical to overall security hygiene, as operational technology
environments are often in remote areas or field operations, far removed from an organisation’s IT
teams, Symantec said.
“As such, the ICSP Neural scanning process is simple, requiring no specific security or IT training.
Once connected, ICSP Neural emits visualisations and real-time signals through the LED light ring
that indicate when malware has been detected and sanitised,” Symantec said.
The Symantec-designed neural engine harnesses the power of Symantec’s world-class threat
intelligence network to increase detection efficacy by up to 15%, according to the company. It also
detects adversarial machine-learning attempts and initiates self-learning to provide protection
against unknown threats.

Taking on the burden
Against a backdrop of stable-to-low commodity
prices and increasing levels of digital and
automated processes, many are calling for the
vendors and OEMs providing these solutions to
take on the burden of protection.
Drew Larsen, Director of Business
Development for ASI Mining, told IM that it was
reacting to its clients’ cyber security concerns.
“We are definitely active in adopting best
practices and looking at measures that can keep
all of our systems more secure. This will be an
ongoing effort for ASI indefinitely,” he said.
ASI’s on-board hardware and Mobius software
convert vehicles to autonomous operation and, in
the process, interact with various streams of
data from the OEM, mining company, predictive
maintenance software providers, etc. As a result,
it already equips its systems with layers of
protection, according to Larsen.
“There are some practices and functionality
we incorporate into our software and we are
constantly adding more capabilities,” he said.
Carr said Inmarsat embeds security in
“everything we do, however we are always
working with industry and government to
improve our security offerings”.
He added: “We have our own cyber-security
capabilities as well as a 24-7-365 cyber-security
centre based in London next to our satellite
Network Operations Centre, and we are
consistently recruiting and training staff to
ensure we have the most advanced cyber-
security capabilities in the industry.”
ABB, as a provider of process control and
automation systems, also offers layers of
protection for clients, according to Schierholz.
“As far as our scope of supply for a typical
mining automation system is concerned, we can
provide our customers with a security solution
for that entire system,” he said.
The company has a mining reference too.
Boliden had been using ABB’s 800xA process
control system in its process plants for some
time and, looking to harden its existing cyber
JANUARY 2019 | International Mining