Need for a complete cybersecurity solution in mining

Addressing key issues around cyber safety in an increasingly connected and digitalized industrial world.

Share this page

Based on an original article by Apala Ray, Global Cybersecurity Manager, Process Automation Process Industries in International Mining's February 2021 issue
View the original article ("Gone phishing") as PDF

Digital and automation solutions offer mining operators unprecedented visualization across their operations, allowing them to make smart, informed decisions that improve production efficiency.

However, this increased interconnectedness between operational technology (OT) and information technology (IT) systems also makes industrial plants more vulnerable to sophisticated cyberattacks. 

These threats can take the form of generic ‘white noise’ attacks that impact both IT and OT systems, as well as attacks using custom malware specifically crafted to infiltrate the target environment.

In response, cybersecurity must be addressed at each phase of an automation asset’s lifecycle, from design and development to operations and maintenance, identifying what needs to be protected, detecting attacks and security breaches, and establishing effective back-up and recovery plans.

Why us?

Despite this impending threat, cybersecurity is not top of mind for miners implementing new OT, according to a 2019 State of Play report on cybersecurity in mining. Through interviews, survey and analysis of Australia’s largest mining and service companies, including BHP, Rio Tinto, South32, and Anglo American, the ‘State of Play: Cyber Security Report’, from researchers at State of Play, uncovered that 98% of top-level executives thought a catastrophic event was required to drive an industry response to cybersecurity in mining.

The reality is that this ‘catastrophic event’ has not yet occurred in the mining space, although it is getting nearer.

It is crucial to plan responses to cybersecurity threats that have wide-ranging impact from commercial loss to use of systems to trigger catastrophic worldwide events

A layered approach to cybersecurity

Cybersecurity solutions have necessarily adapted and evolved in response to such threats, but the onus is on mining companies to develop a coherent cybersecurity strategy, and integrate measures into existing processes in order to protect assets, processes and people from this imminent danger.

This can be successfully achieved by partnering with a recognized technology leader. ABB acts as a maintenance service provider, an integration service provider, and also as a product supplier. The company’s cybersecurity portfolio is built around three layers: foundation, service and operation.

In the mining sector, the first foundation layer is of particular importance. US Homeland Security reports that 98% of cyberattacks can be mitigated if industrial operators have basic digital hygiene and process controls in place, including the latest anti-virus software and a regular back-up system.

To protect industrial facilities against undetected ‘zero day attacks’ from Advanced Persistent Threats (APTs) such as ransomware, ABB also advises that network segregation and recovery processes are put in place, the latter allowing mining companies to maintain production following a cyberattack.


An ideal cybersecurity portfolio is built around the three layers of foundation, service and operation.

ABB Ability™ CyberSecurity Fingerprint

ABB Ability™ CyberSecurity Fingerprint provides customers with an initial in-depth site survey to assess their existing cybersecurity control system. By combining data from an asset risk review done using ABB Ability™ Cyber Security Benchmark control system and insights from plant personnel, ABB can advise on risk mitigation and how to improve overall cybersecurity profile.

ABB used ABB Ability™ CyberSecurity Fingerprint with a Swedish mining customer’s cybersecurity policies, producing a detailed plan that analyzed the plant’s control system security and recommended new actions that could provide further protection.

It is important not to view cybersecurity as an isolated, standalone solution. It is an ongoing, holistic process that requires security patches and antivirus software to be constantly reviewed. Keeping these basic function controls updated is part of the second layer of ABB’s cybersecurity portfolio.

The third layer of protection involves operational security monitoring in collaboration with strategic partners, using advanced analytics to predict and identify evolving security threats, and adapting proven solutions from the IT sector (IBM QRadar and Splunk, for example) for use in the OT space.

Standard procedure

Collaboration, integration and clearly defining roles within the cybersecurity process are also key considerations for industrial customers to ensure they comply with standards such as IEC 62443.

The asset owner, the maintenance service provider, the integration service provider, and finally the product supplier all have clearly defined responsibilities, and must work together. Industry standards such as IEC 62443 help mining operators and technology providers such as ABB to identify risk: do we need high-end solutions or can we afford to employ lesser measures based on the risk exposure?

As asset owners, customers are in charge of cybersecurity strategy and associated risk throughout the lifecycle. The maintenance service provider reviews the technical, process and organizational measures across the holistic protection scheme to assess if security measures are fit for purpose.

The integration service provider develops and validates this holistic protection scheme and maps the residual cybersecurity risk. The product supplier takes into account requirements of the target market, shares technical documents with integration and commissioning providers, undertakes vulnerability assessments, and ultimately deploys cybersecurity technologies for industrial clients.


100% cybersecurity is not possible, as the threat landscape changes everyday. Mining companies must collaborate with standards organizations and trusted technology leaders to be able to adapt rapidly in response.

Read more

  • Contact us

    Submit your inquiry and we will contact you

    Contact us
Select region / language

Popular links