Ma­li­cious Ran­somware At­tack Shuts Down Alu­minum Gi­ant Norsk Hy­dra

Distinguished Magazine - - CONTENT - NAMRATA GULATI SAPRA

Norsk Hy­dra had been hit by file-en­crypt­ing ran­somware that sped at a fast pace within the US op­er­a­tions of the com­pany. On March 19, 2019, Norsk Hy­dra, the fa­mous alu­minum gi­ant of Nor­way re­vealed that it was forced to shut down be­cause of a dis­rup­tion caused due to a ran­somware at­tack.

Ac­cord­ing to Eivind Kal­le­vik, the chief fi­nan­cial of­fi­cer of the gi­ant corp, Norsk Hy­dra had been hit by file-en­crypt­ing ran­somware that sped at a fast pace within the US op­er­a­tions of the com­pany. He fur­ther stated, “the en­tire world­wide net­work of the cor­po­ra­tion is shut down as of now, thereby im­pact­ing their of­fice op­er­a­tions as well as their pro­duc­tiv­ity.” The com­pany said that they were do­ing ev­ery­thing pos­si­ble to com­bat the sit­u­a­tion to en­sure the safety and the se­cu­rity of the staff.

Norsk Hy­dra is the big­gest alu­minum sup­plier in the world and owns about 35,000 em­ploy­ees work­ing glob­ally, in about 40 coun­tries.

The at­tack was ini­tially de­tected by some em­ploy­ees around mid­night in Nor­way. The halts caused by var­i­ous man­u­fac­tur­ing plants were caused as the com­pany was un­able to con­nect to pro­duc­tion sys­tems. After the at­tack, the em­ploy­ees were ad­vised not to con­nect any of their de­vices to the com­pany’s net­work as that would com­pro­mise their per­sonal data. After the news of the at­tack went pub­lic, the Na­tional Se­cu­rity Author­ity of Nor­way in­ves­ti­gated the mat­ter and re­sponded via email say­ing, “the in­fec­tion is likely caused by a dig­i­tally signed ran­somware, named Lock­erGoga”, which was un­heard of; till the at­tack.

The ran­somware is de­signed in such a way so that it tar­gets files, locks them down and then de­mands a ran­som in re­turn for a de­cryp­tion key. Also, the ran­somware can only be de­tected by a hand­ful of anti-mal­ware soft­ware and it does not re­quire a net­work con­nec­tion or a command to get in contact with the files like other ran­somware strands.

When asked, Kal­le­vik said that they have good backup solutions and thus would not be mak­ing any deals of pay­ment with the hack­ers. Al­though the fi­nan­cial losses re­ported at this cur­rent sce­nario is found to be min­i­mal, but if the sit­u­a­tion re­mains stag­nant they could come un­der a cri­sis. The com­pany says it is very early to de­ter­mine the op­er­a­tional and fi­nan­cial im­pact of the sit­u­a­tion, and they would still need some time to cope with the sit­u­a­tion.

Al­though the com­pany is try­ing its best to ful­fill cus­tomer orders which were due, by ad­vis­ing em­ploy­ees to com­mu­ni­cate with the cus­tomers via their per­sonal net­work and de­vices, they would still need to re­store the IT sys­tems to ac­cess the orders made by their cus­tomers. At this time, it is also not known if the data that had been breached by the ran­somware was con­fi­den­tial and cru­cial to the com­pany or not.

Hope­fully, Hy­dra has cy­ber in­surance and thus for the time be­ing, their main mo­tive to get hold of the cul­prit and get ac­cess to their data and also to en­sure that no mal­ware at­tacks hit the com­pany again in the long run.

The com­pany suf­fered a fall in shares by 1% after the at­tack was re­ported and the of­fi­cial state­ment was re­leased.

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.