Norsk Hydro hit by cyber attack

Pavel Kapysh / Shutterstock.com

NORSK Hydro, one of the world’s biggest suppliers of aluminium, has been hit by a ransomware attack.

The attack started in the US on the evening of 18 March and then escalated, hitting IT systems across most of the company’s operations and forcing the shutdown of several metal extrusion and rolled product plants. Employees were unable to use their computers, but could use phones and tablets. Hydro has switched many of its smelters in Norway to manual operations.

The ransomware is thought to be LockerGoga, which was also used in an attack against French engineering consultancy Altran Technologies in January. Hydro is working on reverting virus-infected systems back to a pre-infected state using back-up data, rather than paying the ransom.

In a statement issued on 21 March, CFO Eivind Kallevik said: “With a systematic approach our experts are step-by-step restoring business critical IT based functions to ensure stable production, serve our customers and limit financial impact, while always safeguarding our employee’s safety.”

Jo De Vliegher, Head of Information Systems, said: “Experts from Microsoft and other IT security partners have flown in to aid Hydro in taking all necessary actions in a systematic way to get business critical systems back in normal operation.”

There have been no reported safety incidents as a result of the attack and the company has not yet quantified the financial impact. It is unclear how long it will take to restore stable IT operations.