Canadian copper mine hit by ransomware

Getty Images

A Canadian mining company has acknowledged being hit with a ransomware attack shortly after concluding a deal worth $230 million for the sale of an exploration site in Australia.

Vancouver-based Copper Mountain Mining Corp. said Thursday its IT systems suffered a ransomware attack on December 27th.

That was 12 days after announcing the sale of its Eva Copper Project and its 2,100 km2 exploration land package in Queensland, Australia.

The combined cash and considerations value of the deal was initially announced as a total of US$149 million. Three days later that was amended to US$250 million. That included US$129 million (net of withholding taxes) and gross upfront cash consideration of US$60 million, which depends on the discovery of new ore deposits.

It isn’t known if the cyber attack was related to the announcement.

In October, the world’s second-largest copper producer, German-based Aurubis, suffered a cyber attack. “This was apparently part of a larger attack on the metals and mining industry,” Aurubis said in a news release.

Meanwhile, the Bleeping Computer news site said that on Dec. 13, a cybercriminal offered to sell account credentials belonging to a CMMC employee on a hacker marketplace.

IT World Canada left a request for comment from company CEO Gil Clausen early Friday, west coast time, but no reply had been received by late Friday.

The company didn’t say if any corporate or personal data was stolen, nor if a ransom demand was made.

The Copper Mountain mine in southern British Columbia is the company’s main asset, producing approximately 100 million pounds of copper equivalent a year. It also produces smaller amounts of gold and silver. The company owns 75 per cent of the mine.

In February, the company said it had revenue of just over $136 million and net profit of $31 million.

In a news release, the company said after discovering the attack it quickly implemented its risk management systems, isolated operations, and switched to manual processes. Where possible, parts of its mill were shut as a preventive measure.

“The company’s external and internal IT teams are continuing to assess risks and are actively establishing additional safeguards to mitigate any further risk to the company,” the news release said. There have been no safety or environmental incidents as a result of the attack, it added. “Copper Mountain is investigating the source of the attack and is in contact with the relevant authorities, who are assisting the company.”

Mining companies are low on the list of targets of ransomware gangs. Generally their prime targets are national, regional and local government entities, the education sector, and hospitals.

However, mining companies have been hit. In a 2021 report, antiphishing company Ironscales listed four publicly-known attacks since 2010. The global mining industry was valued at about US$1.64 trillion in 2020, it noted. The high value of the minerals extracted, the need to use technology to communicate with remote locations, and the significant negative impacts to the global economy should anything go wrong make mining a possible target of threat actors, the report says.

Meanwhile Toronto’s Hospital for Sick Children said almost 50 per cent of priority systems have been successfully restored following a Dec. 18 ransomware attack, and others are in progress. That includes many of the systems that would have contributed to diagnostic and/or treatment delays. Patients and families should still be prepared for potential delays as work continues to bring all systems back online, the hospital said.

Source : IT World Canada