HomeBase MetalsCybersecurity: Dealing with an unseen enemy

Cybersecurity: Dealing with an unseen enemy

As we get used to working in the new normal, mining companies are increasingly relying on digital technology. Now, while technology enhances productivity and increases safety, it does make companies more susceptible to cyberattacks.

GERARD PETER finds out more from EVGENY GONCHAROV, a security expert at Kaspersky.

This article first appeared in Mining Review Africa Issue 11, 2020
Read the full digimag here or subscribe to receive a print copy here

Because cyberattacks are not always made public, Goncharov states that it is difficult to put an exact number on how many such breaches take place.

“According to our statistical data, we are seeing that widespread attacks are decreasing as cyber criminals focus on a smaller set of potential targets. Also, at the same time, the variety of malware is also increasing,” he adds.

Read more TECH NEWS

On the other hand, Goncharov does point out that Kaspersky has noted that the number of brute-force attacks Industrial Control Systems (ICS) related computers available via Remote Desktop Protocol (RDP) has slightly increased as companies make provision for their employees to work remotely.

“If an attacker succeeds in getting direct access to a computer inside the ICS perimeter, it can be a very dangerous thing for a company. As such, this is something that company IT and OT security needs to be aware of in order to prevent this threat,” he explains.

Read more about IOT

While many companies are reluctant to make it known that they have fallen prey to a cyberattack, Goncharov advises that they should not keep quiet.

“Remaining silent and not disclosing information is not a good thing to do. In fact, when we deal with attacks, we try to share this information with others so that others can be made aware of these potential attacks. We don’t share the information of the targets, only the technical details,” he adds.

Security is everybody’s responsibility

On a positive note, Goncharov states that there is an increasing awareness at boardroom level about cybersecurity and that mining companies are taking this threat seriously and that companies are now starting to put budgets in place for cybersecurity.

“Sometimes these measures are put in place because of legislation but in many cases, we see that it is motivated by the fact that a company wants to protect itself against a cyberattack.”

He further avers that the types of cyberattacks on mining companies is not unique to the sector and that similar attacks are experienced in a variety of industries.

Companies are attacked for various reasons including gaining access to confidential information or to disrupt operations, says Goncharov.

“The majority of cyberattacks that we detect and prevent are random attacks by different cybercriminals; some of them don’t even know that they have attacked a particular company as they are aiming to access personal information such as social media profiles and bank accounts.

“These criminals use multi-purpose malware that can be used for collecting different kinds of information and for accessing different company resources.

“Once such a system is compromised, it can be reused by multiple criminals. For example, this information can be sold to other cyber criminals on the black market.”

Goncharov expresses concern that the number of spyware and ransomware attacks on industries such as mining is on the increase. He adds that there are some cybercriminals that specifically target large enterprises with the view of extorting large amounts of money.

Even though companies such as Kaspersky are making great advances in cybersecurity, it is often believed that the criminal element is always one step ahead. So, how does a company protect itself from a cyberattack?

Goncharov states that it starts with the basics that don’t cost a lot of time and money. Firstly, a company should have a security policy in place.

Secondly, installing antivirus on all endpoints and making sure that automated systems are updated is important. Such steps do not require lots of investment or time and don’t require months of training your personnel on cybersecurity.

“However, there will still be some unprotected devices,” he adds.

“As such, there is some room for infecting a system with something which has not been efficiently detected by an existing solution. That’s why educating personnel and making them understand how to not expose themselves and their organisations to cyber threats is very important thing to do.”

He further explains that more advanced protection is required for mining companies that are prone to a sophisticated cyberattack or APT. This starts by establishing a continuous  vulnerability assessment process which looks at all the possible threats as well as which equipment is most vulnerable to these threats.

Protecting such enterprises will include implementing security measures that can detect highly targeted cyberthreats that sometimes may be missed by off the shelf products.

“In addition, you need to implement strict policies when it comes to working with contractors and suppliars. There needs to be proper procedures in place when it comes to installing equipment and software.

Also, a company should look at equipment that have built-in security architecture. At the moment, these are quite rare but we are currently at the beginning of a new era and more of these types of products will soon be available,” Goncharov concludes.

Gerard Peter
Gerard Peter is a content creator and media strategist with more than 23 years' experience in new and traditional media.