Cyber risk in the metallurgical industry has been a budding threat since the Industrial Revolution began in Europe.

Cyber Risk in the Metallurgical Sector

Innovation in metal production has not only led to a boost in efficiency but an increase in cyber risk as well.
3 min read

Cyber Risk in the Metallurgical Sector

3 min read
Cyber risk in the metallurgical industry has been a budding threat since the Industrial Revolution began in Europe.

Cyber risk has been a budding threat since the Industrial Revolution began in Europe. With each passing decade, tools and techniques to support development were improved, increasing this eminent risk. The foundation of this revolution was the discovery of various sources of energy, namely coal, gas, and oil, as well as the discovery of various ore deposits. This led to the birth of the metallurgical sector. Recent graduate of the Certified Cyber Insurance Specialist training course, Alexander Mazay, explores cyber risk in the metallurgical sector as it has developed throughout history.

Metallurgy is a domain of material science and engineering that studies the physical and chemical behavior of metallic elements. It is used, for example, in the production of metals such as steel for airplanes, vehicles (automobiles, railways, and ships), recreational vehicles, buildings, implanted devices, and  musical instruments.

Key Areas of Cyber Risk in the Metallurgical Sector

After the Industrial Revolution, the next notable development in the metallurgical sector came in the middle of the 20th century when information technology was born. Nowadays, the metallurgical sector is overrun by automation. An ordinary pickaxe has become a drilling machine, and the movement of ore occurs with the help of a control panel and wi-fi. Unfortunately, along with this increased efficiency, new cyber risks have arisen. 

Automation 

The metallurgical sector is no stranger to cyber risk. Since the implementation of automation, access control occurs through a unified information network. In addition, company databases house client information, supplier information, intellectual activity, developments, and other important information about the company’s activities.

Employee Access

All employees have their own electronic data account which creates increased cyber risk in the metallurgical sector. There are several ways to violate information security and penetrate an information system. This can, for example, be achieved through social engineering, when a careless employee inadvertently shares his credentials with a hacker, if he opens an unauthorized file and follows a link, or simply inserts an infected drive into the system unit.

Damaged Equipment

The damage of IT or industrial equipment is a major cyber risk. A cyber attack can damage equipment such as drilling rigs or smelting furnaces and they are extremely expensive to replace. Furthermore, the business interruption caused by the inactivity of equipment is dangerous and can result in huge losses. Even if the profit can be compensated after the system is restored, fixed costs such as wages and the cost of electricity cannot.

A Cyber Incident in the Metallurgical Sector

In 2014, a German Steel Mill suffered a cyber incident. A blast furnace stopped due to a cyber attack. The hackers were able to infiltrate the system using spear phishing and social engineering techniques. As a result of the affected furnace, the metal inside it froze. The machinery could not be restored, and the company suffered additional losses due to decreased productivity caused by the breakdown of the furnace. Little has been done since to protect such equipment from cyber attacks due to the nature of operational technology.  

The metallurgical sector has to focus on protection against cyber risk. The focus should be directed toward covering potential equipment loss and business interruption as a result of an attack, as well as loss of access to unified information networks. The industry cannot exist without reliable protection, which can be achieved through employing appropriate techniques and issuing cyber insurance policies.

Unlock more world-class knowledge and expertise.

Upgrade your membership to enjoy unlimited access to premium content.

Already have an account?

About Cyber Insurance Academy

The Cyber Insurance Academy was cultivated by the leading minds in cybersecurity and insurance, with a mission to help cyber insurance professionals stay ahead of the curve. We aim to address the industry’s educational gap and technical challenges, while fostering a vibrant community of like-minded professionals.

 

Our first-of-its-kind online campus blends a Gold-Standard CII-CPD accredited course, expert-led certification courses, industry-leading events, a top-tier content library, and a supportive, diverse and professional network that equips you with the confidence and expertise to lead in cyber insurance and make an impact.

Want cyber insurance updates sent straight to your inbox?

Skip to content