March 21, 2019
Aluminium Plant Hit By Ransomware Attack
Norsk Hydro, one of the worlds biggest aluminum producers, fell victim to a ransomware attack late Monday evening in the US, causing a number of their plants to grind to a halt. With more than 35,000 employees in 40 countries, the Norwegian based company had to switch many of their smelters into manual operation, which caused production to stop in some factories whilst some of their power plants remained functionally normally.
“The situation for Hydro is quite severe. The entire worldwide network is down,” said Eivind Kallevik, finance director.
Norweigan security authorities are investigating as to whether the cyber attack was caused by a relatively new strain of ransomware called, LokerGoga, the same strain which is said to have caused the cyber attack at Altran Technologies, in France earlier this year. However, this is still being investigated and a spokesman for Hydro said they are still yet to confirm the source.
The firms website was affected, forcing staff to communicate the situation via their facebook page. Staff also had to use their own devices to login to their emails, in a bid to stop the attack from spreading. The digital systems at Hydro’s main smelting plants are programmed to ensure machinery works efficiently, however due the attack, some of these systems had to be turned off. Kallevik added that the company hasn’t received any demands for a specific amount of money, nor did they pay a ransom. The company is not able to quantify the financial impact caused by the attack and severe amount of downtime, but confirmed that they do in fact have “good and strong” cyber insurance in place, which covers any business interruptions.
Luckily for Hydro they backup their data and hope to restore most of their systems via their backup servers, with the added help of Norway’s state cyber-security agency. “Hydro's technical team, with external support, has succeeded in detecting the root cause of the problems and is currently working to validate the plan and process to restart the company's IT systems in a safe and sound manner. However, it is still not clear how long it might take restore stable IT operations.”
If you’re looking to learn more about how you can prevent cyber attacks making their way into your business, why not check out our latest European Ransomware Report. Learn what other MSPs in the channel are doing to prevent these attacks and how having a reliable business continuity plan in place will help you avoid downtime and save you money in the long run.