Press release

Cyber-hacking threat increasing for mining and metals companies

  • Share
View the online version
Download the PDF

SYDNEY, 10 JANUARY 2014 – Cyber-hacking is becoming increasingly pervasive in the mining and metals sector, with the potential to soon be a top 10 strategic risk, according to EY Global Mining & Metals Leader Mike Elliott.

Commenting today after the release of the EY paper, Cyber hacking and information security: mining and metals,  Elliott says the increased importance of the sector in global supply chains makes it a target and the increasing reliance of companies on technology makes it more exposed.

“Cyber hacking targets are no longer just the big names, many more companies across the sector are now vulnerable,” says Elliott.

“Mining companies are becoming far more reliant on integrated IT systems in their drive to improve productivity and bring down costs, and this makes them more exposed and vulnerable to cyber-attacks.”

“At the same time, the relative importance these commodities play in global, regional and local supply chains means the companies have become priority targets and this is exacerbated by the extreme price volatility we expect to continue for the next 2-3 years.”

Forty-one per cent of mining and metals sector respondents* to EY’s recent Global Information Security Survey 2013-2014 reported an increase in external cyber threats in the past 12 months.

EY identifies three types of groups likely to target mining and metals companies – criminals, national governments and hacktivists.

“This means many companies who previously thought they would not be targets are now vulnerable,” he says.

Elliott says the danger for mining and metals companies is that cyber-hacking and information security have often been narrowly viewed as an IT issue in the past.

“The risk is heightened by the centralized nature of many business functions across supply chains now and the dependence of operations on sophisticated IT systems. A top down approach from the Board and Executive is needed to ensure the issues and threats are understood and addressed,” he says.

Only 18% of mining and metals respondents to the Global Information Security Survey 2013 believe their information security fully meets their organization’s needs.

“The increasing prevalence of cyber-hacking means companies need to identify and assess the likely threat to their organization and mitigate accordingly,” says Elliott.

About EY
EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY works together with companies across the CIS and assists them in realizing their business goals. 4,500 professionals work at 20 CIS offices (in Moscow, St. Petersburg, Novosibirsk, Ekaterinburg, Kazan, Krasnodar, Togliatti, Vladivostok, Yuzhno-Sakhalinsk, Almaty, Astana, Atyrau, Bishkek, Baku, Kyiv, Donetsk, Tashkent, Tbilisi, Yerevan, and Minsk). 

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit

This news release has been issued by EYGM Limited, a member of the global EY organization that also does not provide any services to clients.