Tag Archives: cyber-attacks

A timely update from mine software solutions provider Micromine

Automation, IoT, Mineral exploration, Mining maintenance, Mining safety, Mining services, Mining software, , , , ,

As the New Year begins, Micromine is reminding mining companies to update their software to avoid potential cyber-security breaches, data loss, system integration issues and operational downtime in 2019.

The reminder comes on the back of Micromine’s release of new versions of Geobank and Micromine in 2018, which delivered a range of new productivity tools features and data security enhancements on both the exploration and mine design and geological data management solutions.

It also comes in the same week mining and metals processing company Nyrstar was hit by a cyber attack.

Micromine Chief Technology Officer, Ivan Zelina, said: “Software updates are often overlooked as they are not as visible as other business processes, but the value of new software versions should not be underestimated in our current, highly digitalised mining environment.

“Investing in software, but not upgrading it, is like buying a new car but never getting it serviced – you simply won’t get the best out of it.”

Potential risks and issues of not upgrading software, according to Micromine, include:

  • Security – all software and saved files become vulnerable to hacking and cyber crimes over time. Developers like Micromine proactively identify and address security threats, holes and bugs in new software versions;
  • Compatibility – many different technology systems and platforms are used simultaneously, which means older versions of software can be slow or not configure properly when integrated with other, newer platforms. As new technology emerges, it’s important that systems remain compatible. For example, Geobank Mobile integrates with the latest magnetic susceptibility devices, barcode readers, GPS, in-built and external cameras and more;
  • Inefficiency – new features and enhancements exist in updated software to make it easier to use, faster and more effective. Micromine invests significantly into continuous research and development to ensure clients enjoy intuitive, feature-rich functionality and interpretive capabilities with each upgrade;
  • Support – older software versions are often not supported as developers focus on improvements to enhance client outcomes. Users operating on outdated versions can waste time and energy on workarounds or lost time addressing issues.
  • People – by providing staff with the latest, innovative software tools, mining companies are more likely to attract and retain the best talent. It provides employees with the opportunity to learn and apply new techniques to problem solving whilst increasing their knowledge and skills.

To ensure clients can easily manage software upgrades, Micromine offers an annual licence programme for Geobank and Micromine.

The company said: “After paying a one-off annual fee, clients receive unlimited software upgrades and patches, complimentary new version training and participation in software beta programs and focus groups.”

Symantec’s ICSP Neural to protect operational technology from cyber attacks

Base metals, Coal technology, Energy minerals, Gem stone mining, High tech minerals, Industrial minerals, IoT, Mineral processing, Mining equipment, Mining safety, Mining services, Mining software, Precious metals, Steel and iron ore, , , ,

Symantec Corp has introduced Industrial Control System Protection (ICSP) Neural, the industry’s first neural network-integrated USB scanning station aimed at helping organisations protect critical infrastructure from the physical consequences of cyber attacks.

ICSP Neural uses artificial intelligence to prevent known and unknown attacks on Internet of Things (IoT) and operational technology (OT) environments by detecting and providing protection against malware on USB devices, Symantec says. It scans, detects USB-borne malware, and sanitises the devices, according to the company.

“Existing ICSP deployments have shown that up to 50% of scanned USB devices are infected with malware,” Symantec says.

OT is mission-critical in industries such as energy, oil and gas, mining manufacturing, and transportation, but legacy systems are often outdated and nearly impossible to secure with traditional end-point security, according to Symantec.

“Companies have typically relied on un-scanned USB devices to update these systems, increasing the potential for malware infection and targeted attacks.

“The threat of cyber warfare – including physical damage and personal safety – is very real and the consequences are potentially devastating. Despite this, the industrial control systems that power critical infrastructure often run on outdated Windows systems leaving them vulnerable to both known and unknown threats.

“For example, the infamous Symantec-discovered Stuxnet worm (first discovered in 2010) used USB-based malware to manipulate centrifuges in Iranian nuclear plants – ultimately sabotaging a key part of the country’s nuclear programme. To help combat this type of threat, the US government elevated its Cyber Command to a full combatant command in May 2018.”

Patrick Gardner, Senior Vice President, Advanced Threat Protection and Email Security, Symantec, said: “USB devices are given away at events, shared between co-workers, and reused again and again for business and personal use, introducing the risk of accidental or malicious infection. The impact of connecting an infected device to a critical system can be devastating,

“Behind the scenes, ICSP Neural will retrofit existing infrastructure with a central nervous system to provide protection for critical infrastructure. On the front end, a rugged aluminium design embodies a simple, intuitive user experience that clearly highlights potential threats.”

Better security through simplicity

Simplifying the scanning process is critical to overall security hygiene, as operational technology environments are often in remote areas or field operations, far removed from an organisation’s IT teams, Symantec said.

“As such, the ICSP Neural scanning process is simple, requiring no specific security or IT training. Once connected, ICSP Neural emits visualisations and real-time signals through the LED light ring that indicate when malware has been detected and sanitised,” Symantec said.

The Symantec-designed neural engine harnesses the power of Symantec’s world-class threat intelligence network to increase detection efficacy by up to 15%, according to the company. It also detects adversarial machine-learning attempts and initiates self-learning to provide protection against unknown threats.

“The AI-powered technology can learn in real-time, leading to sustained efficacy with limited internet connectivity – up to twice as long. These artificial intelligence and organic self-adaption capabilities can protect organisations against emerging and future attacks.”

“The neural engine enables high-intensity detection with near-zero false positives (as low as one hundredth of a percent). These capabilities are accomplished using just a tenth of the bandwidth of other similar solutions – an indispensable feature for systems using VSAT connections.”

ICSP Neural supports a range of OT and IoT devices and systems. The optional enforcement process prevents use of un-scanned USBs with less than a 5 MB installation footprint and can be deployed on operating systems from Windows XP to Windows 10 (Linux support is planned in 2019), Symantec says. It complements the latest version of Symantec’s Critical System Protection (CSP) software; a flexible and compact behavioural security engine built with application whitelisting, infused with anti-exploits for managed or standalone devices.

CSP 8.0 provides a no-internet, policy-based approach to endpoint security, securing devices from known and unknown zero-day exploits and attacks, even on legacy operating systems, Symantec says.