Norsk Hydro: The Latest Victim of A Ransomware Attack

One of the largest global aluminum manufacturers, Norsk Hydro has fallen victim to an unidentified ransomware attack. The incident has caused chaos in most business areas as many of Hydro’s factories were forced to halt on working until the cause is identified and the threat fades away.

What Is Hydro Known for?

Norsk Hydro manufacturers and produces aluminum products. The company’s employees put out close to half a million tons of products on an annual basis. Hydro is also an important hydroelectric power provider in the Nordic state.

About The Hydro- Attack

Norsk Hydro which employs more than 35,000 people in 40 countries is currently under cyber-attack. While other facilities are functioning normally, a number of the Hydro’s factories have been forced to hit the breaks on production. Among the affected are US factories and smelting plants in Norway. Hydro also ordered some metal extrusion plants- where employees turn aluminum into products- to stop working. The ransomware did indeed disable an integral part of the company’s smelting operations.

The company ordered to turn off the Digital systems at Hydro’s main smelting plant as a result of the attack. This is especially hard in these days as such facilities heavily rely on computerized systems. These systems help ensure that machinery works efficiently and effectively. You might notice some updates on Hydro’s Facebook page, but that doesn’t validate the company’s online presence as its website is still down at the moment. The attack, which began on Monday night is still ongoing.

How Hydro is Dealing with the Attack

The company’s directors have asked to have notices posted in some of Hydro’s offices. These posts warn employees against logging in to their computers. According to Hydro’s chief financial officer, Eivind Kallevik the company’s staff members are using their mobile phones in order to access their emails- to stay on the safe side. Some Hydro factories are making use of printed order lists due to their inability to get order data from their computers. Facilities also have to make us of uncomputerized methods so that they can get on with the production.

The Nature of the Attack

Although the cause of the cyber-attack remains unclear, Norwegian security authorities have reason to believe that it was caused by ransomware known as LockerGoga. This may or might not be the case. A Hydro spokesman didn’t comment on the issue. The company can confirm nothing as long as it doesn’t know who is responsible for the attack.

What is LockerGoga?

LockerGoga is a new kind of digitally signed ransomware. The attacker operating the ransomware gains access to files, locks them, and demands a ransom payment for a decryption key. Cybersecurity has recently discovered LockerGoga, the malicious program, under the title of ransomware. Hackers and cybercriminals who design this infection use it to access data. Afterward, they encrypt it, lock its owners out of it, and blackmail them by demanding ransom payments in exchange for decryption tools. LockerGoga adds the “.locked!?” or “.locked” extension to each encrypted file.

Hydro’s Response and Status

Kevin Beaumont, cyber-security expert said that if it was LockerGoga ransomware, the attacker would have manually installed it to Hydro’s systems. In order to do so, the attacker must have administrator access to Hydro’s systems. He went on saying: “For an industrial manufacturing business this is potentially bad news, as it may have spread across their company, including near industrial control systems.“

The company claimed to be sorting out ways to address the attack. Thankfully, no safety-related incidents occurred. However, in case there were any, the company’s data backups were ready to restore the systems. Hydro is also receiving backup from Norway’s state cyber-security agency to help mitigate and neutralize the attack.

Similar Incidents

According to security expert Kevin Beaumont, in the last month lockerGaga targeted Altran, a Paris, France-based consulting firm. As opposed to other malware, LockerGoga is needless of a network connection or a control server like others. Unfortunately, only a small amount of malware products can detect and deal with LockerGoga.

Avoid Ransomware

Holding your digital data as a hostage has only just begun. Once cyber-criminals get the hang of ransomware tactics, you’ll soon lose control over your own data. Remember, you don’t have to be a millionaire or huge business company to be at risk of ransomware. Nowadays, anyone is a target.

Ransomware is a security threat for all online users, and it is only going to go downhill from here. Ransomware attacks are pretty popular because if the data owners refuse to pay up, they threaten to destroy users’ precious data. You need to protect yourselves against ransomware by backing up your data, updating your operating systems, installing a ransomware blocker, and so much more.

Norsk Hydro, Victim of Ransomware Attack – Final Words

Being locked out of your own data and being blackmailed into paying buckets of money for its retrieval is not only frustrating but infuriating. All of your most valuable data have fallen into the wrong hands, and there’s nothing you can do about it expect cough off the dough. But, what if there was a way you could avoid such horrifying run-ins with cybercriminals and malicious malware?

You should learn what to do when you’re hit by ransomware. It would also be helpful to gain insight about file-less ransomware and how it differs from traditional ransomware. All in all, the best way to overcome and beat ransomware is by not falling victim to it, to begin with.