For the Australian economy, the mining and manufacturing sectors are engines of growth. Yet, in the realm of cyber security, they are increasingly viewed by attackers as “low-hanging fruit”. The reality is stark: these industries are becoming primary targets not just because they hold valuable data, but because they are often easier to hack and take significantly longer to detect intrusions than other sectors.
The root cause of this vulnerability is often a historical underinvestment in modern technology and specific cyber security controls. While production machinery is world-class, the digital locks protecting it are frequently outdated, creating critical weaknesses that opportunistic hackers are all too eager to exploit.
The High Cost of Legacy Technology
Mining and manufacturing environments rely heavily on Legacy Software, systems and Operational Technology (OT)—the systems that power trucks, robots, and fuel-monitoring equipment. Unlike modern IT systems, these OT environments often are expensive, lack built-in security features, difficult to impossible to update.
This technological gap creates a massive “blind spot”. Because attacks on operational technology are not always compulsory to report, and because organisations have underinvested in monitoring these specific environments, hackers can bypass defences with relative ease.
Taking Years, Not Days, to Detect
The consequence of this underinvestment is a lack of visibility. When you do not invest in the technology to watch your network, you do not know when someone has broken in.
Recent figures obtained under Freedom of Information (FOI) laws paint a worrying picture of just how long this “dwell time” lasts:
- Years of Silence: Some operators in the mining and manufacturing sectors took more than a year to detect a breach.
- Extreme Delays: One operator failed to detect an intrusion for 520 days, then waited another 84 days before notifying authorities.
- Slow Response: Even after detecting a breach, these companies took on an average of an extra 39 days to report the incident.
This delay is not just a metric; it increases the harm as the longer a breach goes undetected, the more time attackers have to harvest credentials, exfiltrate data, or deploy ransomware.
Ransomware: The Predator of Choice
Because these sectors are perceived as softer targets with critical uptime requirements, they are heavily targeted by ransomware. Malicious or criminal attacks accounted for more than nine in 10 breaches in these sectors, with ransomware making up more than a quarter of incidents.
The data shows that breaches caused by malware took an average of 146 days to identify. This suggests that malicious code is often sitting dormant or active within systems for months because the necessary investment in detection technology simply isn’t there.
Closing the Gap with Vertex
The era of “security through obscurity” is over. To stop being an easy target, mining and manufacturing organisations must align their security investment with the value of their assets.
- Invest in Visibility: You cannot rely on manual checks. You need automated, 24/7 monitoring of both IT and OT environments to catch “opportunistic” hackers before they settle in for the long haul.
- Test Your Defences: Regular penetration testing is crucial to identify the weaknesses that result from legacy technology.
- Upgrade Your Posture: Moving away from the “as soon as practicable” mindset to a proactive security stance is the only way to reduce the dwell time and the impact of a breach.
Don’t let underinvestment be the reason your operations come to a halt. Contact the expert team at Vertex to discuss how we can help modernise your security and protect your business.