Ways To Prevent Future Cyber Attack Against A Mining Company
Nyrstar, a Belgian metal-producing firm, has become the latest victim of a cyberattack, which led the company to shut down its email systems, not only in Belgium but at its global branches as well. Nyrstar, however, has claimed that its daily operations, including metal extraction and processing, were not affected.
“The cyber-attack issue has been contained and Nyrstar is currently working on a technical recovery plan with key IT partners and global cyber-security agencies. Nyrstar has taken precautionary measures to ensure the continued operations of its sites. Nyrstar is continuing to assess and manage the cyber-attack issue to minimise the impact on its operations, customers and key stakeholders from the current situation. Business continuity plans are being introduced. The company will provide more information regarding the resolution of the cyber-attack in due course,” said Nyrstar’s spokesperson.
The mining sector is not a favorite target of hackers, as this is the first time a big mining company has been involved in a cyber attack. Michael Rundus, Ernst & Young’s Global Mining & Metals Cybersecurity lead, said that there is a growing risk of cyber attacks against mining companies, and he raised the possibility that 54% of all mining companies will, one way or another, become victims of cybercrimes of various intensities.
Nyrstar is a mining company that mines and processes zinc, lead and other utilitarian metals, with many offices around the world. The company employs around 4100 employees at the time of this writing. It may be the best time for the mining sector to subject itself to penetration testing, just like other industries, in order to strengthen its cybersecurity defenses.
When a vulnerability assessment is conducted from the outside, the testers try to compromise the company's systems from the outside. By positioning themselves outside the company, the ethical hackers can see things from the point of view of the intruder. They see what an intruder sees: public IP addresses, systems in the DMZ, external interfaces of the firewall and more.
When ethical hackers perform a vulnerability assessment from within, they have an advantage in some ways, since they are already inside and hold an elevated, trusted status. They can see the print servers, file servers, databases, and other resources.
Today, in most organizations, security is set up to keep intruders out. Very little is done to secure the internal part of the organization (such as departmental firewalls, access controls at the user level, authentication procedures for internal resources and more). Typically, there are many more resources visible to someone who is inside and looking around, as most resources are internal to the company. Think of a vulnerability assessment as the first step of a penetration test.
The information gathered from the evaluation will be used in the tests. While the vulnerability assessment looks for gaps and potential vulnerabilities, the penetration tests try to exploit the results. Access to the network infrastructure is a dynamic process. Security, both information and physical, is dynamic. When making an evaluation, ethical hackers get a general view, which can yield false positives and false negatives, but that is much better than being surprised by real hackers without any preparation.