2 min read

Ransomware blitzkrieg has already cost Norsk Hydro $40 million

Filip TRUȚĂ

March 28, 2019

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Ransomware blitzkrieg has already cost Norsk Hydro $40 million

The ransomware attack on Norsk Hydro reported last week has so far cost the company NOK 300-350 million or around $40 million (€36 million). The company entered recovery mode on Tuesday, with some departments still operating manually.

The Norwegian aluminum and renewable energy company revealed last week it was battling “an extensive cyber-attack” that hit its systems on March 18 and escalated overnight. The incident was soon confirmed as a ransomware infection that forced Hydro, which operates in around 50 countries, to shut down its entire global network. Based on a leaked internal memo, the attackers reportedly used LockerGoga to infect Hydro”s systems.

This week, Hydro released an update saying most operations are now running at normal capacity, with only one business area remaining almost halted.

“A week after Hydro became subject to a cyber attack, most operations are running at normal capacity,” the company said. “In the most affected business area, Extruded Solutions, production is now at 70-80%, except for the Building Systems business unit, where operations remain almost at a standstill.”

Extruded Solutions, the company”s aluminum production facilities, are located in Europe and North America.

Workers still relying on pen and paper at Norsk Hydro extrusion plant in Portland, Oregon Credits: Norsk Hydro

Hydro estimates it has so far incurred 300-350 million krone in damages, which translates into roughly 40 million U.S. dollars, or 36 million euros. Most of the costs, Hydro says, stem from lost margins and volumes in the Extruded Solutions business area. It also notes that it has a solid cyber risk insurance policy with recognized insurers, but stops short of saying that the insurer will actually cover all the costs.

Hydro has reported the attack to Norway”s National Investigation Service and is cooperating the Norwegian National Security Authority (NSM) to further investigate.

It is believed that the same LockerGoga operators this week turned their sights on two chemicals companies in the United States, Hexion and Momentive. Unlike other ransomware families, LockerGoga comes with a ransom note that invites victims to negotiations over email for the price of the decryption key.

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

U.S. Department of Health and Human Services Hits ‘Banner Health’ with $1.25 Million Fine U.S. Department of Health and Human Services Hits ‘Banner Health’ with $1.25 Million Fine
Silviu STAHIE

February 03, 2023

1 min read
More than 150,000 Traffic Lights in the US Have a Critical Vulnerability More than 150,000 Traffic Lights in the US Have a Critical Vulnerability
Silviu STAHIE

February 02, 2023

1 min read
Killnet Attacks European Hospitals, including UMCG in the Netherlands Killnet Attacks European Hospitals, including UMCG in the Netherlands
Silviu STAHIE

February 02, 2023

1 min read