Norwegian aluminium giant Norsk Hydro announced Tuesday that it was crippled by “an extensive cyber-attack” on its servers, forcing it to switch to manual operations in some smelting locations.
The Norwegian National Security Authority, which is in charge of cyber security in the country, said the company was hit by the LockerGoga ransomware strain.
“Hydro became victim of an extensive cyber-attack in the early hours of Tuesday (CET), impacting operations in several of the company’s business areas,” the company said.
Norsk Hydro’s IT department noticed “unusual activity” on its servers around midnight, company officials said at a press conference in Oslo.
“As the attack was spreading throughout our business, we did take measures to contain and neutralize the attack,” Eivind Kallevik, Norsk Hydro’s chief financial officer, told reporters Tuesday. “We have now isolated all our plants and operations and are switching to somewhat more manual operations and procedures as far as possible throughout the operations.”
Administration and production planning was affected, “causing some production challenges and temporary stoppages at several plants,” Kallevik said. Plants outside Norway did not seem to have been hit, he added.
“Let me be clear! The situation for Hydro through this is quite severe,” Kallevik said. “The entire worldwide network is down, affecting our production and our office operations.”
The company is working hard to contain and resolve the situation and to ensure the safety and security of its employees, he added.
The Norwegian National Security Authority is using its own expertise but has also reached out to allies, said Bente Hoff.
Related stories from around the North:
Sweden: Sweden police chief granted Canadian company access to sensitive data, Radio Sweden
United States: Unsecured database discovered with information from about 600,000 Alaska voters, Alaska Public Media