Mexico
Analysis

How the Mexican mining industry should confront ever more sophisticated cyberattacks

Bnamericas
How the Mexican mining industry should confront ever more sophisticated cyberattacks

Although mining companies' expertise in risk management has helped them mature quickly in combatting cybercrime, they must step up efforts against organized criminal groups deploying increasingly sophisticated attacks.

Experts discussed the topic at the “Cyber Resilience in Mining” panel at the Mexico Mining Forum held recently in Mexico City. They recalled that cyberattacks have grown at an alarming rate in various industries, and mining is an ideal target due to the very nature of the business.

In the 2024 Mining Risks and Opportunities Survey, carried out by consultancy EY, cybersecurity was the eighth biggest concern, re-emerging for the first time since 2020.

The increasing convergence of IT and operational technology (OT), digital transformation and remote working, as well as geopolitical tensions such as the war in Ukraine, have caused cyber incidents to skyrocket, according to EY.

The World Economic Forum has also highlighted cybersecurity as a short- and long-term risk that must be addressed now.

David Tintor, CEO of cybersecurity firm TBSEK, highlighted that attacks in the industry as a whole increased by 300% last year, mainly because mining is a business that generates billions of dollars and which cybercriminals target for monetization.

“Last year, cybercrime doubled drug-trafficking revenues… This year, several drug trafficking groups have even been identified as being involved with cybercriminal groups to diversify their business because they are taking over all their markets. That is the reason: the reason is that it generates money, and it generates a lot of money,” said Tintor.

Regarding the modus operandi, Tintor said that in the past cybercriminals mostly charged ransoms for stolen or encrypted information, but today the most common activity is to paralyze operations or businesses.

“What better way to paralyze a business than to know exactly that for every [second] that a silver mine mill is down, it loses US$5. And for every second that a gold mine mill is down, it loses US$400. When you can count exactly what you lose due to a shutdown, the attacker can turn that into monetization,” he said.

Alexandro Fernández, executive director of OT cybersecurity at Intelligent Networks, said that even governments are involved.

“Many times what we are seeing in Mexico, in South America, Latin America, in general in the world, is that… these are groups that are often sponsored by governments. There is a lot of talk about the Chinese, there is a lot of talk about the Russians, there is a lot of talk about North Korea, Iran, etc. They don’t say it openly, but they are groups that are looking for, of course, a benefit,” said Fernández.

He added that there are other organized crime groups that are offering ransomware services. “So, these groups are also, obviously, going to look at the mining sector and say: 'Hey, here they extract zinc, here they extract gold, here they extract silver.' So, of course, they see that there is money here.”

TBSEK's Tintor believes that the mining sector has matured much faster than sectors that face even more attacks, such as the financial sector, because security is part of its DNA.

However, he warned that the current challenge facing mining companies is that the OT is isolated from the network and therefore assumed to be protected from potential threats, but hyperconnection and hyperconvergence keep them connected still, making the risk imminent.

Fernández agreed with Tintor that cybercriminals see opportunities in outdated OT, and that as companies seek to connect their systems to the internet, they expose themselves to greater risk.

"One of the main aspects that must be carried out, let's say as step number one, and it is highly recommended, is to perform an assessment... that contemplates, of course, and is right now focused on the OT part, on operating technologies."

He added that during such an assessment "it is evaluated what technologies I have, what protocols they are managing, how the networks are, if they are interconnected, if for example I have a command and control center in a remote location, how are they connecting, or if I have a Schneider or a Rockwell or an ABB that are also having remote access to my equipment, my trucks, my drones, etc. How is all that being protected?”

Subscribe to the leading business intelligence platform in Latin America with different tools for Providers, Contractors, Operators, Government, Legal, Financial and Insurance industries.

Subscribe to Latin America’s most trusted business intelligence platform.

Other projects in: ICT

Get critical information about thousands of ICT projects in Latin America: what stages they're in, capex, related companies, contacts and more.

Other companies in: ICT (Mexico)

Get critical information about thousands of ICT companies in Latin America: their projects, contacts, shareholders, related news and more.

  • Company: Grupo 3DPro
  • The description included in this profile was taken directly from an official source and has not been modified or edited by BNamericas’ content team. However, it may have been au...
  • Company: Grupo Conektame S.A. de C.V.  (Conekta)
  • The description included in this profile was taken directly from an official source and has not been modified or edited by BNamericas’ content team. However, it may have been au...
  • Company: Megacable Holdings S.A.B. de C.V.  (Megacable)
  • Megacable is a Mexican telecommunications company dedicated to the installation, operation, maintenance and exploitation of cable television signal distribution systems, interne...
  • Company: Letseb, S.A. de C.V.  (Bestel)
  • Bestel is a telecommunications provider owned by Mexican telecom group Empresas Cablevisión, S.A.B. de C.V. (Izzi). It is made up of Letseb S.A. de CV. and its subsidiaries, Ope...