Cyber attack on aluminium group – automated operation is no longer possible. With a turnover of 109 billion dollars, Norsk Hydro is one of the largest in its industry. On the night of Tuesday the company was attacked by hackers according to its own statements.
Norsk Hydro is active in 50 countries, plants in Europe and America affected!
The company has its own company spokesman Halvor Molland say that the situation is “very serious”. The company does not allow itself to be carried away by further statements. It is still too early to estimate or even quantify the extent of the attack.
In the meantime, however, it has turned out that the ransom commodity “LockerGoga” is responsible for the failure. The encryption strojan is still quite new in the scene. Victims of this Trojan have already been Altran Technologies. Despite NorCert’s indications that the company was in the focus of ransomware, it did not protect against infection. Since the Active Directory is affected, neither authentication nor authorization can be performed.
Cyberattacke on aluminium company – updates available on Facebook!
The Company does not only share information at the 18-minute press conference. Updates are available regularly on Facebook. Currently, you can read there that neither the damage nor the extent can be estimated for other areas. All efforts are currently focused on the elimination and containment of the Trojan.
Where the attack came from, how the Trojan made it into the company – and above all how it spread so quickly and so successfully – is not known. A good backup strategy and routines is available. This would answer the most important question for the time being. With the big waves of Petya/NotPetya the claim “No backup, no pity” has not got around for nothing. People are not injured either. The losses due to the limited position are minimal. The share, on the other hand, slips by 3%.
Group infrastructure, high budgets and automation do not protect against modern attacks!
A Ransomware attack on a company is not uncommon. On the other hand, it is not uncommon for a company of this size to be affected. Was it a targeted attack, a mail with attachment or a security hole? Let’s wait and see!
This post is also available in: Deutsch (German)