Some miners “woefully unprepared” for cyberattacks, says ethical hacker

[Redator]

Perth-based cybersecurity specialist Matt Breuillac of Cyber Node Perth-based ethical hacker – or ‘white hat’ – is warning that some miners, mining contractors and energy companies and their service providers are currently easy to hack and they should be testing their protections against cyber-attack more rigorously.  

Originally from France, Breuillac has worked as a chemical engineer in the nuclear industry as well as supervised the emergency procedures for uranium mines in Kazakhstan.  

“Some mining companies (particularly tier two and tier three miners in Australia) are woefully unprepared in their cyber-security protections and many are a decade behind Europe,” Breuillac said in a news release. 

“Cyber-attackers, as we know, can potentially cause havoc in operations of mining and energy companies,” Breuillac said.  

Attackers can interrupt communications in remote locations, which could result in failures to accurately monitor correct supplies of fuel or other mine inputs.  

Ransomware attack on mining operations “almost inevitable,” says cybersecurity expert

“Remote vehicles and moving components of processing plants, including water supply, could also potentially be hacked and interrupted,” Breuillac said. “Basically, anything that is connected on a computer system can be interfered with by hackers. Hackers could be based in Australia or overseas.” 

Hackers could be private individuals looking for ransom money or even acting on behalf of overseas countries such as China, North Korea or the US, Breuillac noted.  

Cyber-attacks on mining companies are growing and costing the mining and energy industries millions of dollars. In 2023, Rio Tinto was hit by a large-scale leak of employee details on the dark web and Alamos Gold  also experienced leaks of confidential documents.  

In 2022, the Copper Mountain Mining Corporation was forced to shut its mill after a ransomware attack. In 2024, in Western Australia, rare earths producer Iluka Resources announced threat actors attempted to disrupt its external website through a denial of service (DoS) attack but they didn’t gain access to company data. Also in 2024, Northern Minerals announced it was subject to a ransomware attack by the Bian Lian ransomware gang.  

The gang listed Northern Minerals’ stolen documents on its dark web site. In 2025, an Edith Cowan University professor in Western Australia told Australia’s Mining Monthly that if a cyber-criminal was to take out WA’s mining sector, then Australia’s annual revenue could be cut in half. 

Breuillac says solid preparation now can, potentially, prevent millions of dollars being lost in future.  

“We also know that cyber-attacks can impact your company’s bottom line as well as its stable growth, and social licence,” he said. “If you are slack with your cybersecurity hygiene – customers, investors and other important stakeholders – may desert your service or products. Over the long-term, cybersecurity preparedness builds trust and reputation.” 

 Watch Horizon Power case study here.