A cybersecurity expert says Australia’s resources sector will be increasingly targeted by hackers following an attack on the country’s second-biggest gold miner.

Sydney-based Evolution Mining has told the Australian Securities Exchange it became aware of a ransomware attack impacting its IT systems on August 8.

In a statement the company said it had been working with external cyber forensic experts.

The company “believes the incident is now contained”, according to the statement.

Evolution, which declined an interview request from the ABC, said its had been focusing on protecting the privacy of its workers.

The company’s biggest operations are on the east coast, where Evolution operates the Cowal and Northparkes mines in New South Wales and the Ernest Henry and Mount Rawdon mines in Queensland.

No material impact expected

Evolution says it does not expect any material impact on it operations, which also include the Mungari gold mine near Kalgoorlie in WA’s Goldfields, which is undergoing a $250 million expansion.

The company also operates the Red Lake mine in Canada.

As of June 30 last year Evolution employed 2,729 permanent, fixed-term and casual employees, but it has since added another 400 workers after acquiring an 80 per cent stake in the Northparkes copper-gold mine last year for $US475 million.  

“The company has been working with its external cyber forensic experts to investigate the incident,” Evolution said in a statement.

“Based on work to date, the company believes the incident is now contained.

One report every six minutes

The attack has been reported to the Australian Cyber Security Centre, a part of the Australian Signals Directorate (ASD), which says it cannot comment on individual incidents.

In the ASD’s 2022-23 Cyber Threat Report, released in November, it was revealed there had been a 23 per cent increase in cybercrime reports to nearly 94,000, which was equivalent to one report every six minutes.

The average cost to large businesses was $71,600 per cybercrime report, according to the ASD, which says it briefed board members and company directors representing 33 per cent of the ASX200.

The Evolution incident is the latest cyber attack to hit WA’s resources sector after a cybercriminal group  released payroll information from mining giant Rio Tinto on the dark web last year.

It was not clear how many employees, past and present, were affected by the breach.

ASX-listed Northern Minerals was also targeted in June as Federal Treasurer Jim Chalmers ordered five international companies linked to China to divest their shares in the rare earths miner.

In that case, some details relating to current and former personnel and some shareholder information were released on the dark web.

‘Very real, very present threat’

Nigel Phair from Monash University’s Department of Software Systems and Cybersecurity said cyber attacks were on the rise across Australia.

He said the resources sector was vulnerable because of its reliance on technology and stressed that each company needed to undertake its own cybersecurity risk analysis.

“It’s a very real, very present threat and the cyber criminals that are doing this are just going to continue looking for vulnerabilities in organisations,” Professor Phair said.

“They’re in it for money and they know the mining sector has plenty of money, so they will continue to target the sector, either through the front door, through third parties or contractors, through a different variety of means.”

The latest breach comes after more than 12 million Australians had their data stolen when eScripts provider MediSecure was hacked earlier this year.

Customers also had data stolen from telecommunications giant Optus in 2022.