Attacks and Vulnerabilities
Critical infrastructure
Mining, Oil & Gas
News
Threat Landscape

Hackers strike mining company Freeport, leading to limited impact on production 

August 14, 2023
Hackers strike mining company Freeport, leading to limited impact on production 

American mining company Freeport-McMoRan announced Friday it is investigating a cybersecurity incident affecting its information systems. The company said that it is assessing the impact and proactive measures are being taken to address the situation, while it is ‘working closely with third-party experts and law enforcement.’ 

Often called Freeport and based in the Freeport-McMoRan Center, in Phoenix, Arizona, the company confirmed in a cybersecurity update that ‘there has been limited impact on production.’

It added that transitional solutions are being planned and implemented to secure information systems as quickly as possible. FCX continues to prioritize safety and responsible production practices. 

Freeport added that a prolonged disruption could have an impact on future operations at the world’s largest producer of molybdenum, as well as a major copper producer. 

With operations in North and South America, the company also operates the world’s largest gold mine, the Grasberg mine, located in Papua, Indonesia. 

Earlier this year, Copper Mountain Mining issued an operational update on the ransomware attack that affected IT systems at its Copper Mountain Mine and corporate office in late December. The company confirmed that production has resumed and that through this downtime, it has been shipping copper concentrate to the Port of Vancouver from mine inventory while it maintained its planned shipping schedule.

Threat intelligence firm Mandiant identified and investigated last June a subset of information operations activity that it attributes to the ‘Dragonbridge’ campaign across social media that targeted the Australian rare earth mining company, Lynas Rare Earths Ltd. The content criticizes its alleged environmental record and calls for protests of its planned construction of a rare earth processing facility in Texas.

Researchers at Microsoft’s cyber-physical system team identified last week multiple high-severity vulnerabilities in the CODESYS V3 software development kit (SDK), a software development environment widely used to program and engineer programmable logic controllers (PLCs). The exploitation of these discovered vulnerabilities, which affect all versions of CODESYS V3 before version 3.5.19.0, could put operational technology (OT) infrastructure at risk of attacks, such as remote code execution (RCE) and denial of service (DoS).

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
MITRE's CREF Navigator aligns with DoD's CMMC to boost cyber resilience in defense industrial base
MITRE’s CREF Navigator aligns with DoD’s CMMC to boost cyber resilience in defense industrial base
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
ASIS Foundation reports on impact of autonomous vehicles on security and technology
ASIS Foundation reports on impact of autonomous vehicles on security and technology
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation