A second Australian rare-earth metals organisation has suffered a cyber attack, only weeks after Western Australia-based Northern Minerals suffered a ransomware attack.
Iluka Resources announced that threat actors attempted to disrupt its external website through a denial-of-service (DoS) attack, but that they did not gain access to the company’s systems or exfiltrate any data.
Whilst the threat actor is yet to be identified, the attack comes just as Iluka Resources managing director Tom O’Leary called out China, claiming the country was rigging the prices of rare-earth metals to minimise the profits made by producers and gain a greater foothold on the world's mineral resources.
“This is taking place via a number of binding offtake agreements with various companies, and via ownership, as in the well documented case of Northern Minerals,” he said, continuing that Chinese state-owned entities were making attempts to control mineral deposits and rare-metal production in Australia, specifically Victoria and Western Australia.
He said, as a result, no rare-earth mineral producers are making a profit.
“No participant, regardless of geography, is making any money at today’s prices,” he said.
Just weeks before the Iluka Resources attack, another rare-earth metal producer, Northern Minerals, confirmed that it suffered a ransomware attack by the Bian Lian ransomware gang.
Bian Lian ransomware listed Northern Minerals on its darknet leak site and shared a raft of stolen documents as evidence of the hack.
According to Bian Lian, the data includes:
Bian Lian also shared the emails of the company’s executive chairman and chief financial officer, as well as the CFO’s mobile phone. The documents that have already been shared, however, are troubling enough.
The gang has shared hundreds of archived 7-zip folders. Some files appear to be files from the chief operating officer’s personal drive, while others are extensive HR files and files called “potential projects”. Other archives contain “management data” and another site appears to be an extensive list of email archives.
The HR files are particularly problematic, as despite being listed as “limited”, the file tree document still contains scans of dozens of employee passports, alongside details of medicals, travel requests, training and certification details, and even police clearance documents.