As mines undergo digital transformations, cybersecurity risks overlap significantly with safety.
In the mining sector, safety is the core culture. Yet because it is less visible than the physical risks of a mineshaft, cybersecurity has been left behind. Treating physical safety as a higher priority than digital safety is a damaging mistake.
The culture of safety in mining is long‑established, built upon tragedies like the November 20, 1968 Farmington No. 9 coal‑mine explosion, which killed 78 miners and triggered sweeping U.S. legislation including the 1969 Coal Mine Health and Safety Act and the creation of MSHA.
Today, safety remains a core priority across the sector. Cybersecurity, on the other hand, trails far behind — but its risks are no less severe: recent Claroty survey data indicates that 26% of cyber incidents in mining resulted in production shutdowns, 30% led to loss of customer or partner relationships, and 28% implicated public safety.
When surveyed about the financial toll of cyberattacks, nearly 70% of respondents indicated their organizations had incurred losses exceeding $100,000 and more than 30% reported damages surpassing $1 million. The most frequently cited cost drivers behind these losses included legal expenses, lost revenue, and regulatory penalties. The data underscores the substantial financial burden that recurring cyber threats impose on the sector. And yet, cybersecurity lags behind.
A cyberattack that interrupts OT or automation systems can halt operations altogether, accumulating multi‑million‑dollar losses per day, exposing environmental compliance failures, and damaging reputation. And yet, cybersecurity still receives significantly less strategic and regulatory attention than physical-site safety.
A 2025 report by EY demonstrates this unfortunate trend. Researchers found that cybersecurity has dropped out of the top 10 risks of mining and metals companies. But the reason is more startling than the statistics. Cybersecurity didn’t make the list because it’s now considered business as usual. But this story isn’t complete. The cyberattack trends paint a different picture, and it doesn’t add up. According to MM-ISAC’s (Metal and Mining — Information Sharing Analysis Centre) 2024 report, there has been a 200% increase in cyber incidents impacting the mining and metals sector in Canada.
Those in cyber who are dedicated to securing mines have no interest in overturning the emphasis on physical safety. In fact, as safety-focused practitioners, they endorse it. But there’s no doubt that, as mines leverage the latest technologies and radically digitalize operations to stay ahead, cybersecurity and safety are both on the table. Not only that, but they’re a permanent fixture.
The importance of mining to Canada
Mining is critical to Canada’s economy. The mining industry contributes $24B to provincial GDP in Ontario and 694,000 jobs nationwide. Mining accounts for ~5% of Canada’s GDP and is one of the assets that will unleash Canada’s economic potential. Unbeknownst to most Canadians, Canada is home to 200 active mines, most spread between Ontario, Quebec, and British Columbia. The top five commodities — gold, potash, coal, iron ore concentrates, and copper — comprise over two-thirds of the sector’s total value.
Critical minerals, essential to modern technology, clean energy, and national security, have also been under the spotlight due to the recent geopolitical climate. Canada is recognized as having one of the world’s most important reserves of these critical minerals, and as emphasized by Canada’s Critical Minerals Strategy, they will play a significant role in the country’s future prosperity.
As the Canadian mining sector establishes its place on the global stage, it will entice cybercriminals and nation-state actors. Cybercriminals are profit-driven and will target organizations with the ability to pay a ransom. Additionally, nation-state actors are driven by political interests and will target industries of strategic importance. Mining is in the crossfire.
What are the key cyber threats in mining?
- Human-driven threats
  - Phishing and social engineering. Threat actors (including cybercriminals and nation-state actors) leverage publicly available information to exploit mining company employees.
  - Insider threats. Disgruntled employees or those who may be bribed may steal sensitive information or install malicious software on behalf of threat actors.
- System & supply chain vulnerabilities
  - Supply chain risks. Mining companies deploy a wide array of technologies, and a cybersecurity incident affecting the service provider may impact the mining company.
  - Legacy OT systems. Operational technology deployed at mine sites was not designed with security considerations in mind and presents a considerable risk if connected to IT systems.
  - Remote access exploits. An increase in the number of monitoring and control systems that allow remote access opens up the attack surface for threat actors to exploit.
- Attack types
  - Ransomware. The deployment of malicious software to disrupt an organization’s operations threatens the continuation of business and causes financial and reputational impacts.
  - Industrial espionage. The theft of geological exploration data and corporate strategic data may result in loss of potential earnings and investor confidence.
- Gaps in design, training and awareness
  - Engineering oversights in security-by-design. Operational technologies focus on maintaining high levels of uptime, longevity, and efficiency. Security is often an afterthought.
  - Gaps in understanding among general managers at the site level. Cybersecurity is viewed as the responsibility of IT professionals and is often seen as a cost to the business.
Cyber threats look a lot like safety hazards
Safety incident | Cybersecurity incident |
---|---|
Can cause operational shutdown | Can halt production systems |
Impacts worker health & safety | Can affect autonomous haulage, ventilation, etc. |
Attracts regulatory scrutiny | Can trigger privacy enforcement |
Damages trust with workers and the public | Damages trust with investors and partners |
Often avoidable with training and protocols | Often avoidable with awareness and governance |