Identified by TOMRA's security operations early Sunday, the hackers had accessed some of TOMRA's technical infrastructure systems, permitting them to "traverse and access other sites."
To counter the attack, the security team shut down services and disconnected sites proactively. The services will remain offline until it is deemed appropriate to restart them.
"We have successfully started the process of establishing digital services for our Reverse Vending Machines (RVMs) on a new, independent, cloud-based platform," the TOMRA statement read. "We started contacting some customers today to get the first batch of RVMs in Europe back online."
While no new attacks have been found, the company acknowledged that the bad actors gained entry through compromised TOMRA user accounts. Subsequently, the security team identified several methods and tools used in the attack.
"The forensics team is starting to establish a picture of the cause and nature of the attack, but we continue to investigate to identify other potential points of entry and make sure we uncover the full nature of the attack," the company said.
Cyber risks and mining
As more technologies and services move online, the mining sector becomes increasingly vulnerable to cyber threats.
Earlier this month, Canadian precious metals miner Barrick Gold was included in a list of companies the Russian cybercriminal group Clop breached.
Clop is responsible for hundreds of ransomware attacks and boasts breaching 376 international companies and nearly 20 million individuals.
While Barrick has not confirmed or denied the allegations, there is undoubtedly a rise in corporate and private cyber attacks. Earlier this year, Canadian Copper Mountain Mining was the target of a cyberattack, forcing the miner to shut down operations temporarily.
In 2022, Aurubis -Europe's largest copper producer- was the target of cybercriminals. In an October statement, the copper miner alluded that the breach was "part of a larger attack on the metals and mining industry."
This was reinforced by a report from Ernst and Young, which noted that cybercriminals were threatening the industry.
"Cyber threats are evolving and escalating at an alarming rate for mining, metals, and other asset-intensive industries," it read. "Understanding the current cyber risk landscape and the threats new technologies bring is critical for planning reliable and resilient operations."
In a 2021 survey, EY found that 71% of mining participants saw an uptick in disruptive attacks, while 55% were concerned about their ability to manage a cyber threat.
"Understanding the cyber threat landscape is the vital foundational step," the report concluded. "Mining and metals companies need to have a clear plan that forms part of their digital road map and risk management plan."
