cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Second Australian rare-earth mineral company targeted in cyber attack

A second Australian rare-earth metals organisation has suffered a cyber attack, only weeks after Western Australia-based Northern Minerals suffered a ransomware attack.

user icon Daniel Croft
Mon, 17 Jun 2024
Second Australian rare-earth mineral company targeted in cyber attack
expand image

Iluka Resources announced that threat actors attempted to disrupt its external website through a denial-of-service (DoS) attack, but that they did not gain access to the company’s systems or exfiltrate any data.

Whilst the threat actor is yet to be identified, the attack comes just as Iluka Resources managing director Tom O’Leary called out China, claiming the country was rigging the prices of rare-earth metals to minimise the profits made by producers and gain a greater foothold on the world's mineral resources.

“This is taking place via a number of binding offtake agreements with various companies, and via ownership, as in the well documented case of Northern Minerals,” he said, continuing that Chinese state-owned entities were making attempts to control mineral deposits and rare-metal production in Australia, specifically Victoria and Western Australia.


He said, as a result, no rare-earth mineral producers are making a profit.

“No participant, regardless of geography, is making any money at today’s prices,” he said.

Just weeks before the Iluka Resources attack, another rate-earth metal producer, Northern Minerals, confirmed that it suffered a ransomware attack by the Bian Lian ransomware gang.

Bian Lian ransomware listed Northern Minerals on its darknet leak site and shared a raft of stolen documents as evidence of the hack.

According to Bian Lian, the data includes:

  • Operational data
  • Strategical data: potential projects, geological and mining researches [sic] in various countries, data on research of competitors
  • R&D data
  • Financial data
  • Employees personal data
  • Corporate email archives, including Nick Curtis and Shane Hartwig
  • Data on shareholders and potential investors

Bian Lian also shared the emails of the company’s executive chairman and chief financial officer, as well as the CFO’s mobile phone. The documents that have already been shared, however, are troubling enough.

The gang has shared hundreds of archived 7-zip folders. Some files appear to be files from the chief operating officer’s personal drive, while others are extensive HR files and files called “potential projects”. Other archives contain “management data” and another site appears to be an extensive list of email archives.

The HR files are particularly problematic, as despite being listed as “limited”, the file tree document still contains scans of dozens of employee passports, alongside details of medicals, travel requests, training and certification details, and even police clearance documents.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.