Norwegian aluminum producer hit by cyberattack
By The Associated Press
By The Associated Press
March 19, 2019 – Norwegian aluminum producer Norsk Hydro said Tuesday it had been a targeted by “an extensive cyberattack” through a ransomware virus infecting its key operations and disrupting its IT systems globally.
The Oslo-based company, one of the world’s largest aluminum producers, said it had isolated its plants in Europe and the United States and switched to manual operations.
Chief financial officer Eivind Kallevik told analysts and reporters that the company has been working “to isolate and neutralize” the ransomware, describing the situation as serious.
The company’s homepage remained inaccessible Tuesday afternoon but Kallevik said most of its main operations were either working as normal or with more manual control than prior to the attack.
At plants that make extruded and rolled aluminum products, he said “there is a lack of ability to connect to the production systems, causing som production challenges and temporary stoppages at several plants.”
Kallevik said the attack was from an “encryption virus” – commonly known as ransomware because it blocks a company’s access to files or data until a payment is made to unlock the key.
“Let me be clear,” he said. “The situation for Hydro through this is quite severe.”
However, he said Hydro has extensive internal competence within its global IT organization “and we also engaged external entities to support us on this critical task of containing and resolving and neutralizing this serious attack.”
Among the external groups assisting the company is the Norweigian National Security Authority.
A spokeswoman for the authority confirmed at a joint press conference with Kallevik that it is considering the possibility that the attack was by a type of ransomware known as LockerGaga, but she said it hadn’t eliminated other possibilities.
A spokesman for the Canadian Centre for Cyber Security said it was aware of the cyber attack on Norsk Hydro but there was no impact to Canada.
Kallevik declined to rule out the possibility of paying a ransom but stressed that “the main strategy is to use the backup data we have in our system to restore operations to normal.”
He also said the financial and operational impact on the company had been minimal Tuesday but would mount if the problems persisted.
—With files from The Canadian Press in Toronto