BlueScope reports cyber incident affecting Australian operations

Australian-listed BlueScope on Friday confirmed it was the victim of a cyber incident.

In a statement issued to the Australian Securities Exchange (ASX), BlueScope told shareholders its IT systems had been affected by the incident, causing disruptions to parts of the company's operations.

The incident, according to chief financial officer Tania Archibald, was detected in one of the company's US businesses.

She said BlueScope acted "promptly" to respond to the incident.

Need to disclose a breach? Read this: Notifiable Data Breaches scheme: Getting ready to disclose a data breach in Australia

BlueScope said its Australian manufacturing and sales operations were impacted by the incident, which caused the pausing of "some" processes.

The company said other processes, including steel despatches, continued to operate despite the incident through some manual processes and workarounds.

For the affected areas, BlueScope said it has reverted to manual operations where possible while it "fully assesses the impact and remediates as required, in order to return to normal operations as quickly as possible".

The company's North Star, Asian, and New Zealand businesses are continuing largely unaffected with minor disruptions.

"We are taking this event extremely seriously. Our people are working diligently to protect and restore our systems, and we are working with external providers to assist us," Archibald said. "Our focus remains on being able to service our customers and to maintain safe and reliable operations."

Speaking previously, former BlueScope Steel chief information security officer Catherine Buhler revealed that BlueScope was "caught in the crossfire" of the WannaCry attack that caused chaos globally, but said it was "really different to a targeted attack".

"It would be interesting to see what a targeted attack would actually be looking for," she said.

Within BlueScope, Buhler said at the time safety and cost drive the business.

"We've come from an environment where security was actually secondary, because the two main factors for us is safety and cost reduction, because if you're in manufacturing that's an absolute key driver," she said.

"Not only do you have to be secure, but you've got to do it very, very cheaply and very smartly."

When it comes to cyber insurance, Buhler said BlueScope was reviewing the space.

"No decisions have been made, but it's very, very clear that the only cyber event that would significantly affect our organisation, so that we would want to take cyber insurance, would be if our blast furnace was blown up -- anything else internally, we can handle that," she said.

RELATED COVERAGE

Citizen data compromised as Service NSW falls victim to phishing attack

The attack involved the illegal accessing of 47 Service NSW staff members' email accounts.

Toll attacker made off with past and present employee data and commercial agreements

Company says it will take a number of weeks to determine further details about the attack.

Australian CEOs are too overoptimistic for cybersecurity, out of touch on privacy

Only 6% of surveyed CEOs think their organisation has suffered a data breach in the last year, but 63% of their CISOs say they have, according to Unisys research. Big disconnect.

Eight reasons more CEOs will be fired over cybersecurity breaches (TechRepublic)

Security is everyone's problem, but CEOs should make sure their organisation doesn't block its success. Gartner offers eight situations for CEOs to avoid if a breach occurs within their organisation.