Aurubis AG, Europe’s biggest copper producer, was hit by a cyberattack overnight that it said appeared to be part of a wider attack on the metals and mining industry.
The company has shut down numerous systems and had to disconnect from the internet as a preventative measure, it said in a statement on Friday afternoon, after disclosing initial details of the attack earlier in the day. Production “could largely be maintained” and it’s working with investigating authorities, it said on Friday.
“This was apparently part of a larger attack on the metals and mining industry,” Aurubis said, without giving more details. “The primary goal is to keep production and the procurement of raw materials as well as the delivery of metals and products running.”
A spokesperson for Eurometaux, the European metals association, said they hadn’t heard of other companies being attacked. Meanwhile, several large mining, smelting and fabricating companies contacted by Bloomberg News on Friday said they were unaffected.
The attack comes toward the end of a hugely tumultuous year for the European metals industry, which has been contending with extreme volatility in commodities markets in the wake of Russia’s invasion of Ukraine, and a surge in energy costs that’s forced some smelters to shut down. A debate around how to handle Russian production has been intensifying in recent weeks, and a discussion period on whether to ban Russian supplies from the London Metal Exchange comes to a close on Friday.
Aurubis has fared better than producers of other metals including aluminum and zinc, which have slashed output at their power-intensive production facilities. The company has also been looking to cut gas usage and secure alternative supplies, and is also in the process of winding down purchases of Russian copper.
Industrial companies around the world are facing a rising threat from cyberattacks that can wreak havoc on production and supply lines. In 2019, European aluminum producer Norsk Hydro ASA was forced to run its operations manually while it scrambled to recover from a ransomware attack, while a 2017 attack on pharmaceutical giant Merck & Co. caused $1.3 billion in losses.
(By Mark Burton, with assistance from Archie Hunter)