This was published 3 months ago
Rare earths miner Northern Minerals hit by hackers
By David Swan and Simon Johanson
Rare earths firm Northern Minerals said some of its data had been released onto the dark web, months after the firm detected a breach of its cybersecurity protections.
“The exfiltrated data included corporate, operational and financial information and some details relating to current and former personnel and some shareholder information,” Northern Minerals told the ASX on Tuesday.
Northern Minerals is working on a rare earth project in Western Australia.
The firm said it became aware of a security breach in March this year.
It was notified on Tuesday that some of the stolen information was now on the dark web, a hard-to-access part of the internet where illegal material often circulates.
Northern Minerals has informed Australian authorities about the theft, the company said in the filing.
“The breach has not had a material impact on the company’s operations or broader systems,” it said. “Since the breach, the company has reviewed its processes and implemented actions to further strengthen its systems.”
The statement comes just a day after Australia’s government ordered China-affiliated investors to sell their shares in Northern Minerals, citing the need to protect the national interest.
The Singapore-registered Yuxiao Fund controlled by Chinese businessman Wu Tao, along with four other entities, holds shares in the mining developer.
Treasurer Jim Chalmers’ order on Monday requires Tao’s fund and four of his associates to significantly reduce their shareholdings in Northern Minerals, and is the first divestment notice the treasurer has made after more than two years in the job.
“The decision, based on advice from the Foreign Investment Review Board, is designed to protect our national interest and ensure compliance with our foreign investment framework,” Chalmers said on Monday.
“Australia operates a robust and non-discriminatory foreign investment framework, and will take further action if required to protect our national interest in relation to this matter.”
Rare earths and elements such as copper, lithium, nickel, cobalt and graphite are essential to the electrical conduits, batteries, magnets, circuitry and other components that power electric vehicles, defence applications and modern energy networks.
China dominates global production and supply of rare earths, and Western governments, including Australia’s, are scrambling to build local refining capacity and protect their supply chains.
Dan Schiappa, chief product and services officer at cybersecurity provider Arctic Wolf, said the attack seemed to be the work of hacking group BianLian, which had claimed responsibility.
In a post to its data leak site, BianLian said it had stolen Northern Minerals employee data, financial data, as well as“corporate email archives” and “data on shareholders and potential investors”.
“Although BianLian may have Chinese affiliations or threat actors, they have not been confirmed to be linked to state-sponsored activity; with that said, the series of events leading to the attack certainly raise the alarm of potential state-sponsored connections given current geopolitical tensions,” Schiappa said.
“When BianLian first began targeting businesses, they were notorious for double extortion – a combination of data encryption and data exfiltration. Data exfiltration is increasingly leveraged by threat actors because most companies have adopted backup strategies and can sometimes restore without paying a ransom.”
With Bloomberg
The Business Briefing newsletter delivers major stories, exclusive coverage and expert opinion. Sign up to get it every weekday morning.