Unhindered and clear communication to remote locations can be a problem. Being able to communicate clearly without any hiccups when you are located away from “normal” civilization is almost always challenging. For an industry such as the mining industry, communication issues, especially safe communication, can be a costly problem. We are not only talking about vast amounts of data being stolen. What makes the mining industry particularly vulnerable is that small and simple information regarding the location of resources is all that needs to be compromised, to become an expensive headache. After spending years of research and vast amounts of money, all it takes is one data hack for the work to be stolen. For these reasons and more, the mining industry has always been ripe for a good security upgrade.
The Oil Industry and its Vulnerabilities
Even though all mining industries are put under one umbrella, the truth is that each one is different from the next. Copper mining, for example, is different from oil exploration. When an oil-rich location is found, there is a multitude of different ways, that information can be useful, especially when it comes to downstream businesses. Hackers know this and exploit the information accordingly. However, information regarding any type of mineral deposits is highly useful, and hackers can sell this to third party vendors for a large fee.
Because of the international nature of the mining business, it is relatively safer for a hacker to exploit any information. Competing mining companies are more willing not to ask questions and look the other way, because of the vast amounts of wealth at stake. Therefore, the mining industry experiences more data theft as opposed to ransomware issues.
Whatever the type of attack it may be, a cyber attack is still an attack that needs to be taken seriously and dealt with. The following are some stats highlighting what can happen when the mining industry gets hacked.
- According to industry watchers, there at least 140 hacker groups who target oil and gas companies exclusively.
- At least 70% of oil and gas companies have been hacked into at some point.
- BP, Exxon, Royal Dutch Shell Oil, Marathon Oil, and Baker Hughes were all victims of the famous hacking group known as the “Night Dragon”.
- The world’s largest oil exploration and mining company, Saudi Aramco, suffered a major hack, believed to have been originated in Russia. The company lost all access to their systems and had to go “analog” briefly. They had to use fax machines and old fashion typewriters to continue working.
The theory behind Russian involvement makes sense because Russia is a major player in the oil & natural gas business and view everyone as a competitor. In fact, in many of these attacks done to petroleum companies have been traced back to government-controlled Russian firms. Shockingly, despite all this, as many as half of all mining companies did not have good security systems in place as late as 2013.
The Gold Corp Incident
Back in 2016, a high-profile hacking incident happened to one of the most valuable mining companies. The company’s name is Gold Corp, and it was on the list of the top three most valuable companies in the mining business. Involved in gold mining operations, Gold Corp lost over 14 gigs of data over several months, before anyone at the company even realized they got hacked. The hacker outfit responsible for the hacking was a group known as FIN 10. Among the items that got stolen, included business and private emails, mining data, contracts, and financial transactions. Many of the leaked data included private emails. The hackers demanded a ransom, but Gold Corp did not comply.
Gold Corps hacking incident was such a wakeup call to the mining industry as a whole, that several mining companies decided to join together to help stop such attacks. The new group put together was named the Mining and Metals Information Sharing and Analysis Center or MMISAC for short. MMISAC members pledged to share any relevant data regarding cybersecurity with each other.
How SKY ECC Could’ve Prevented the Gold Corp Disaster
Notice how much of the data stolen from the Gold Corp debacle was emails and messages. The fact is, people tend to have a false sense of security regarding email security, as emails are only marginally safer than SMS messages. With SKY ECC’s system in place, you can say goodbye to hackable emails and messages. The following are some of the main ways Gold Corp’s security would have been better, had they used our systems.
- All messaging done on SKY ECC’s systems is only privy to the users of our devices. The reason for this is because we do not use infrastructure from other companies. Only SKY ECC’s systems get used to send and receive messages.
- The way FIN 10 hacker group made it into Gold Corps systems was by using phishing emails. All it would take is for one employee to open it for the hackers to make it into their systems. On the other hand, if SKY ECC’s systems were used, unauthorized emails from suspicious sources would not be allowed in.
- With SKY ECC devices in place, communication between staff members would not have stopped, as it happened to Gold Corp. This would have allowed work to go on while the authorities dealt with the hackers. Since our devices are un-hackable, the perpetrators would not get wind of what’s going on.
- SKY ECC uses a technique called “microsegmentation” Which allows you to separate all communication between users and makes it impossible for unauthorized parties to eavesdrop.
- With access to our servers, you will never have to put all information, especially sensitive information on ordinary servers again. You will be able to install it on SKY ECC’s servers instead and sleep peacefully at night.
The Lesson to be Learned from The Gold Corp Hack
The biggest takeaway from the Gold Corp incident is that it is safe to assume that a smaller company would have most likely collapsed from such an attack. The main reason why they were able to continue is because of their size, which gave them a cushion to take such a big hit. The good thing that came out of the Gold Corp hack is that at least other mining companies got together and decided to do something about it. You can also do something about if you use SKY ECC’s systems, regardless of how big or small your business is.