Norsk Hydro was hit with a ransomware attack this week shutting down the aluminum manufacturer worldwide. The attack originated from the U.S and hit their entire global network. The Norway based company was hit around midnight forcing them to shut down some plants and run others manually.
Norsk is the largest global aluminum manufacturer that employs 35,000 people in about 40 countries. The company said most areas of business were hit, as well as their office operations. At this time the company said they are working on containing the situation.
The CFO of Norsk Hydro, Eivind Kallevik, during a press conference stated:
“The situation is quite severe. The entire worldwide network is down, affecting all production as well as our office operations…..Our main priority is to ensure safe operations and limit the financial and operational impact. The incident has not led to any safety related incidents as of today.”
It is believed that the variant of ransomware that hit Norsk is LockerGoga, new digitally signed ransomware. This type of ransomware encrypts files on targeted systems and demands a ransom for the decryption key.
At this time, there knowledge of when normal operations would proceed again. To minimize the effect of the malware the company isolated the plants to stop the spread of the ransom. Further, Hydro does not plan to pay this ransom and will instead use their backups to begin restoring the systems. The technical team at the company has found the root of the disruption and is working to restart the IT systems at this time.
Hydro CFO Eivind Kallevik has stated:
“I’m pleased to see that we are making progress, and I’m impressed to see how colleagues worldwide are working around the clock with dedication to resolve this demanding situation and ensure safe and sound operations”
Image credits: Norsk Hydro
Contact LIFARS today if your organization has been hit with ransomware