Mining: the risk of autonomous vehicles and smart mines
Analysis of the global mining automation market suggests it will grow in value by almost 50 per cent by 20231.
Rio Tinto, Fortescue Metals Group and BHP Billiton are setting the pace in mining automation. The global mining automation market is set to rise from $US2.2 billion in 2017 to $US3.29 billion by 2023.
Australian mines have had major equipment automated for many years. Yet the rise of driverless trucks, autonomous trains systems and connection to the internet for remote sites are relatively new. The evolution of smart mines has injected efficiencies and boosted productivity for businesses. They can now manage operations remotely and with fewer staff, but it also potentially expands the attack surface for cyber criminals.
Mining companies are becoming increasingly digitised. Employees are equipped with smart devices to provide flexible access to real-time mining information systems. This also significantly extends the computing perimeter of an enterprise, potentially rendering it more vulnerable to an attack.
Meanwhile, there has been an increase in automation in very deep, underground mines where signals are hard to maintain, for measuring and monitoring production underground. While such systems are not generally connected to the internet because of the challenges associated with maintaining a connection, it might also be harder to implement manual workarounds when a system fails, causing an interruption to the business until the equipment is repaired or replaced.
Mines have become a target for a cyber or ransomware attack when they use technology that is connected to the internet. For example, an internet software may be used to monitor the efficiency of the mining process and measure output such as the amount of gold that comes out at the end of the process. Malware can be deployed, locking up an organisation’s computer systems until a ransom is paid or the entire network rebooted from a backup.
Mining companies must ensure they conduct a thorough risk review when they roll out new automating technologies. They must ensure they have adequate coverage in the event of a systems outage or cyber-attack.