Breach Notification , Critical Infrastructure Security , Fraud Management & Cybercrime
Australian Gold Mining Giant Hit by a Ransomware Attack
Incident Is Latest in Series of Attacks Against Mining SectorAustralian gold mining company Evolution Mining is investigating a ransomware attack that affected its IT systems but so far has not materially disrupted operations.
See Also: The Expert Guide to Mitigating Ransomware & Extortion Attacks
The company announced in a stock exchange filing Monday that it detected the ransomware attack on Aug. 8 and launched an investigation with external cyber forensic experts to determine the impact to its operations.
"The incident has been proactively managed with a focus on protecting the health, safety and privacy of people, together with the company's systems and data," Evolution Mining said. "The company does not anticipate any material impact on operations."
Evolution Mining is Australia's largest gold miner, producing over 650,000 ounces of gold in fiscal year 2023 through mining locations in Queensland, Western Australia and New South Wales and the Red Lake underground gold mine in Canada's northwestern Ontario region.
The ransomware attack on the gold mining firm follows a series of attacks on Australian mining companies since the beginning of the year. Rare earth mining company Northern Minerals in June said cybercriminals stole sensitive corporate secrets, including corporate, operational and financial information, from its systems in March (see: Australian Mining Giant Confirms BianLian Ransomware Attack).
Another rare earth mining company, Iluka Resources, experienced a denial-of-service attack on its website in June but said hackers were unable to infiltrate internal systems or servers.
Cybercriminals also targeted Australian software company Opaxe, which runs a subscription-based global software platform that collates announcements from mining companies worldwide, enabling mining industry professionals to make investment decisions, conduct analytics, search for consulting opportunities and identify potential customers.
Cybercriminals have successfully targeted other Australian mining companies since 2022, including the Copper Mountain Mining Corp., Alamos Gold and Rio Tinto, the world's second-largest metals and mining corporation. The attacks date back to 2010 when cybercriminals targeted Rio Tinto on the eve of the sentencing of former executive Stern Hu.
The Australian mining sector, which generates about $50 billion in earnings per year, employs over 1.2 million people and accounts for a large share of Australian exports. Despite being critical to the Australian economy, a study by RMIT University says that the sector suffers from low levels of awareness of ISO and ISO-EC standards and is heavily reliant on legacy systems - and that boards and senior executives have limited visibility of cyber vulnerabilities and asset management risks.
Writing for Australian Mining, Appian energy and utility account director Justin Grose said mining organizations across Australia face heightened risks of cyberattacks as they have lower security maturity compared to corporate networks.
Law firm A&O Shearman said cyberattacks on critical minerals, infrastructure and technology companies are often influenced by wider geopolitical events and carried out by threat actors undertaking corporate espionage via advanced persistent threats that remain undetected.
"These attacks may be carried out directly by nation-state-affiliated threat actors such as Typhoon (China) or Sandworm (Russia), or through proxies such as criminal gangs like BianLian and serve the dual purpose of discouraging actions adverse to nation state interests and providing a competitive advantage through corporate espionage and/or operational disruption," the firm said.