Metals & Mining
Aurubis, Europe's largest copper smelting company, sustained a cyberattack. The company believes it was targeted as part of a larger campaign against the metals sector. It responded by shutting down certain IT systems and isolating them from the Internet. Its core industrial processes have continued to function. "The production and environmental protection facilities at the smelter sites are running, and incoming and outgoing goods are also being maintained manually," Aurubis said. "Transitional solutions are being implemented to make the company's full services available to business partners again starting next week. Customers and suppliers can still reach their Aurubis contacts by phone."
March 18, 2014: Cyber attack at German Steel Mill damages equipment
A German steel mill was targeted with malware that gave the attackers access to the business network and then to the SCADA/ICS network. The event was confirmed by the German government's Federal Office for Information Security (BSI) in an IT security report. Attackers that appeared to particularly target industrial plant personnel, caused plant control components to fail, resulting in an uncontrolled furnace, which eventually caused physical damage to the steel factory.
According to a study issued by the SANS Institute, the hackers used spear-phishing attempts to obtain access to the steel mill network. The email most likely contained an attached document that, when opened, activated the malicious malware onto the system. The malware then constructed a remote connection point to establish a bridge between the attackers and the targeted industrial network by exploiting vulnerabilities in a targeted operating system. The hackers were able to modify the programmable logic controllers (PLCs) at this stage, jeopardizing the furnace's operations, which further lead to its own physical damage.
November 19, 2020: Advantech Hit By Ransomware
Ransomware attack hit Taiwan-based Advantech Co. in November, 2020 and the hackers sought 750 bitcoin or $13.8 million in exchange for the decryption key.
January 22, 2019: Nyrstar Ransomware Attack
Nyrstar said that its metals processing and mining operations were not damaged by the attack.
A cyberattack late Wednesday night has shut down Evraz North America's information technology systems across the United States and Canada, a company spokesperson confirmed on Thursday. The company also confirmed that temporary layoff notices have been issued as a result. "At this point, there has been no indication of any breach of confidential or personal customer or employee information," said Patrick Waldron, spokesperson for the company. Waldron said there is currently no timeline for resolution of the situation but it has affected internal infrastructure such as the company's email system.
May 18, 2019: Norsk Hydro Production lines stopped
Production lines had stopped at some of its 170 plants.
The ransomware LockerGoga blocked the company’s systems, forcing a switch to manual operations and workarounds. The Extruded Solutions unit, which makes components for car manufacturing, construction and other industries, reduced its output by 50%. Administrative systems, such as reporting, billing and invoicing, suffered delays. It took Norsk Hydro several weeks to bring operations back to normal.
September 15, 2020: Bluescope Shutdown of Operations
Worldwide shut down of operations