Reports of an ethical
hacker from the International Institute of Cyber Security mention that Norsk Hydro, one of the world’s leading
aluminum-producing companies, has become the victim of a serious cybersecurity
incident that has impacted a critic part of its infrastructure. Due to the
incident, the company has had to perform some of its operations manually.
Norsk Hydro is one of the largest aluminum
producers in the world with operations in more than 50 countries in all
continents. The company recently revealed the incident through messages aimed at
its customers, investors and stock exchanges. At the end of the first
investigations, the security teams of the company identified a variant of the LockerGoga ransomware
in their systems.
“We have suffered an extensive cyberattack
during the first hours of Tuesday, March 19” mentions the statement issued
by Norsk Hydro. According to the ethical hacker, IT systems in most of the
company’s commercial areas have been affected, so as far as possible, Norsk
Hydro must perform multiple operations manually.
The company further clarifies that the physical
integrity of its employees is not compromised, as its smelting systems operate
in an environment isolated from the rest of Norsk Hydro’s infrastructure,
although the company will continue to operate its smelting systems manually.
A few hours later, company spokespersons
mentioned that the incident involved a ransomware infection detected at
midnight on Tuesday. “To be honest,
this is a very delicate situation for Norsk Hydro,” a spokesman
mentioned. “We have suffered a shut
down in the global network, our production and administrative operations have
been severely affected”, the spokesperson added.
The incident triggered the alert on a possible
attack campaign with LockerGoga ransomware, reported some local media. On the
other hand, the Norsk Hydro website remains offline as it only shows a link
that leads to a temporary page where the situation is explained. According to
the ethical hacker, the company is expected to regain control of its whole
infrastructure this week.
Norsk Hydro has become the second Norwegian
company to suffer a critical cyberattack over the past year after Visma, a cloud
service company, was attacked by hackers allegedly financed by the Chinese
government.
Experts say that critical attacks on large
corporations occur with disturbing frequency. Although in most cases these are
simple phishing
emails or ransomware attacks, companies should never rule out the possibility
of an attack against their critical infrastructure.
