As mining companies increasingly adopt cloud technologies, AI, and IoT, the industry faces a surge in cyber threats. Over the past decade, digital transformation has improved efficiency and safety, but it has also exposed mining operations to sophisticated cyberattacks.
According to Jeff Pick, cybersecurity director at Freeport-McMoRan, cyber threats are now a daily reality, ranging from phishing to brute-force attacks. “The question isn’t if a cyber event will occur, it is when,” Pick told Mining Technology. The latest Annual Report 2024 from the Mining and Metals – Information Sharing and Analysis Centre (MM-ISAC) highlights that cyberattacks in the mining industry tripled from 10 in 2023 to 30 in 2024.
Notable recent incidents include ransomware attacks on major mining firms such as Alamos Gold, Northern Minerals, Sibanye-Stillwater, and Evolution Mining. The BianLian and BlackBasta ransomware groups have increasingly targeted the industry, disrupting operations rather than simply stealing data.
AI is both a security risk and an opportunity. Cybercriminals now leverage AI for more deceptive attacks, while companies use it for efficiency gains. “AI is making life way easier for cybercriminals,” warns MM-ISAC CEO Rob Labbé. The paradox of AI-driven innovation versus security concerns has led to delays or cancellations of nearly 40% of new mining technology projects.
Despite rising cyber threats, many mining firms underinvest in cybersecurity, prioritizing cost-cutting over protection. Labbé emphasizes resilience as the key to mitigating attacks. “If a determined attacker targets your company, they will succeed. What matters is how prepared we are to minimize damage and recover quickly,” he says.
As cyberattacks are expected to rise further in 2025, the mining sector must balance security and innovation to ensure continued digital transformation without compromising operations.