NSW mining department hacked


The NSW Department of Industry, Resources and Energy has been the target of hackers.

The Department’s Maitland office came under attack in an attempt to access confidential resources commercial information, according to the Daily Telegraph.

“In December, our IT systems noticed a marked increase in virus activity around our Maitland office,” a Department spokesperson told the Tele.

“The attacks were identified by specialist software we have in place to detect breaches to our firewalls. Given the ­increased levels of activity, we took further steps to ensure our systems were protected.

“We do not believe the ­attacks penetrated our systems, or that any data was ­accessed at this time.”

However they are yet to identify the person or groups behind the attack.

This is not the first time miners and mining information have come under attack by hackers.

In 2011 hackers broke into Federal Parliamentary email accounts to gain access to emails between ministers and Australian companies mining in China.

These hacking incursions came on the back of earlier Wikileaks releases showing BHP’s CEo at the time, Marius Kloppers, expressing his concern over Chinese surveillance and interference in BHP’s operations.

A recent E&Y Global Information Security Survey also highlighted mining and metals companies and associated groups becoming a target for hackers.

“The centralisation of many business functions across the supply chain as a result of increasing mining company cost rationalisation has made mining firms easy targets,” it explained.

“The centralisation of business functions has translated into the need for a more sophisticated IT system and network infrastructure to connect the geographically diverse workforce, which increases an organisation’s exposure to, and dependence on, the internet.

“With the trend toward remote operation to improve operational integration and cost efficiency, there is a convergence of IT and OT [Operations technology] which provides cyber hackers an access path to the operations systems from the internet. Further, OT systems are inherently less secure as many old systems were not designed with security in mind,” EY observed.

Meanwhile, mining companies also face possible threats from the intelligence agencies and the military of sovereign states and their funded “unofficial affiliates,” who have become increasingly active in cyber warfare to target key industries, “posing a real threat to mining and metals organisations, it added

“The objective may be the passive collection of commercially sensitive intelligence to assist national or state-owned companies in contract negotiations,” EY acknowledged.

Nevertheless, “the possibility of it being more sinister, with the use of malware to incapacitate important facilities…should not be ruled out.”

Activists’ use of cyber hacking to pursue a political agenda “is a real risk in today’s operation environment, E&Y warned. 

“More militant and extreme activists can turn to cyber-attacks “to disrupt mining and metals companies’ activities, expose confidential information and create communications mischief, such as defacing websites or triggering false announcements.”

According to those in the IT security industry, computer hacking happens far more often than most people think.

David Higgins, ANZ Regional Director for WatchGuard Technologies, said thinking by miners, particularly smaller companies, that they could never be a target for hackers is a huge mistake.

“We never read about smaller companies being hacked, but it happens all the time.”

And according to Higgins the hacking often materialises through downloading innocuous looking Windows files and PDFs.

“There are still many malforming PDF files circulating, as well as Word and Excel macros with malicious capabilities.

“They are generally the older ones, but they are still around, and people still fall for them.

“The problem is there are a lot of signatures out there to catch bad files, but eventually you have to push some of the older ones off the system simply because you don’t have enough room for the newer ones in your system. The older ones can come around again, and even though we have seen them before, they can reinfest.”