Group is recovering from attack announced two weeks ago that impacted its global IT systems. Publication of its 2024 interim results has been delayed two weeks. From Moneyweb.
Gold and platinum producer Sibanye-Stillwater decided not to engage with cyber attackers who earlier this month brought its global IT systems to a standstill.
The group has further beefed up its IT security and implemented a phased system start-up which allowed mining operations to continue with minimal disruption.
Read: Sibanye-Stillwater hit by global cyber attack
It is unclear what the cyber criminals’ demands were because, rather than engage with them, Sibanye-Stillwater chose to shut down its systems to protect them from further attacks – and through a phased approach bring them back online, which it has now done, says James Wellsted, the group’s head of corporate affairs.
He adds that the attack will have a minimal impact on the group’s annual financial performance, though publication of its June interim results has been delayed by roughly two weeks.
These results will now be published on 12 September.
“Although the cyber-attack has had limited impact on our core operations, it caused temporary system outages which resulted in the implementation of back-up manual processes on certain systems at the operations,” says the group in a statement.
The source of the attack is still under investigation. IT systems in all five countries in which the group operates were impacted.
Read:
SA’s government departments are sitting ducks for cyber attacks
New Public Works minister discloses R300m cyber-related theft from department
SA businesses vulnerable to cyberattacks
The business unit most affected was the Columbus platinum groups metals (PGM) smelter in the US, where the system shutdown delayed the smelting of underground concentrate and the recycling of used autocatalysts. Wellsted says the smelter should be fully operational again by next week.
Sibanye-Stillwater says while there was some impact on mining operations, these were not significant as it was able to employ manual systems to ensure business continuity, and expects to be able to process accumulated stockpiles in due course.
Mining groups’ vulnerability
Cyber attacks on mining groups have become a growing concern for the industry, particularly those heavily reliant on automation.
Mining groups have invested heavily in IT systems and interconnected processes as part of a drive to lower costs, but this is proving to be a vulnerability that hackers are keen to exploit.
While many such attacks go unreported, Rio Tinto announced in 2023 that some of its personnel data may have been stolen by a criminal group with a threat to release the information on the dark web. The stolen information included payroll data and employees’ family and financial information. The criminals managed to infiltrate the system by attacking third party software GoAnywhere, a piece of file transfer software used by the miner.
A few months prior to this, Canadian Mountain Mining Corporation reported a ransomware attack that forced it to shut down its copper mill.
Many mining groups prefer to keep not to discuss cyber attacks and find it easier to pay off the criminals.
Online publication Mine reported that Colonial Pipeline Company, a major oil provider on the east coast of the US, paid its attackers $4.4 million (R80 million) in May 2021.
Safety first, says Froneman
“We have prioritised the health and safety of our employees as we have worked diligently to remediate the effects of the attack and normalise our operations,” says Sibanye-Stillwater CEO Neal Froneman.
“We are pleased to have largely secured the sustainability and integrity of our systems and continue to work closely with our customers and suppliers to mitigate any potential business interruptions that may occur in the short term.
“We wish to thank all our partners and advisors for their commitment and combined efforts, which have contributed to this outcome.”
