Rare earths miner targeted in cyber attack prior to removal of...

Rare earths miner targeted in cyber attack prior to removal of Chinese investors

An Australian company that runs a strategically crucial heavy rare earth project has been revealed to have been targeted in a suspected cyber attack as Treasurer Jim Chalmers orders Chinese investors to be removed.

On Monday Mr Chalmers instructed Yuxio Fund and four other international companies linked to China to divest their shares in Northern Minerals which operates the Browns Range mine in Western Australia's Kimberley region.

The Australian company wants to become the first substantial producer of dysprosium — a key component used in electric vehicles — outside of China.

"The decision, based on advice from the Foreign Investment Review Board, is designed to protect our national interest and ensure compliance with our foreign investment framework," Mr Chalmers said in a statement.

Northern Minerals Limited confirmed it was made aware of the hack in late March this year.

"The exfiltrated data included corporate, operational and financial information and some details relating to current and former personnel and some shareholder information.

The process of notifying relevant impacted individuals is underway and ongoing," a statement from the company said.

"The breach has not had a material impact on the company's operations or broader systems."

It said it would provide further updates as and when appropriate, and that since the breach the company had reviews its processes to strengthen its systems.

BianLian claims responsibility

The treasurer's announcement came as a suspected cybercriminal group claimed online to have successfully stolen data from the Australian mining company.

In a message posted to a data leak site, the hacker identified as BianLian boasts of having stolen operational, strategical, financial and personal employee data from Northern Minerals Limited.

Posting on the dark web the hacker also claims to have obtained "corporate email archives" and "data on shareholders and potential investors".

The Home Affairs Minister Clare O'Neil's office said it was aware of the incident and was engaging with the company.

The shadow Minister for Home Affairs James Patterson posted to X regarding the attack.

"A very serious report, which if confirmed to be sponsored by a state actor, warrants a very robust response," he posted.

According to the Australian Signals Directorate BianLian is a ransomware developer, deployer, and data extortion cybercriminal group that has targeted organisations in multiple U.S. critical infrastructure sectors since June 2022.

They have also targeted Australian critical infrastructure sectors in addition to professional services and property development.

www.abc.net.au/news/2024-06-04/rare-earths-miner-targeted-in-cyber-attack/103934020