A potential ransomware attack on Norsk Hydro, one of the world’s largest manufacturers of aluminium, has forced the company to switch to manual operations in a bid to contain the breach.
Emerging reports indicate the Norway-based company’s operations are being disrupted after unusual activity was spotted on its server by IT experts. It’s understood that the attack disabled a key part of the company’s smelting operations.
The firm’s Chief Financial Officer Eivind Kallevik explained during a conference call that it does have cyber insurance in-force, however at this time it’s not known how extensive the coverage is and how any claims would deal with cyber related business interruption.
Business interruption claims often come through wider property insurance policies, meaning other insurers outside of the cyber space will no doubt be watching the developments of this attack closely.
Some reports are pointing to the LockerGoga ransomware, a relatively new malicious program which gained attention in January following the attack against engineering consulting firm Altran Technologies, as a potential culprit of the attack.
Employees have been told not to connect any devices to the company’s network.
Norsk Hydro is said to command as much as a 20% market share in European and 23% in the United States in certain areas of aluminium production and extrusion.
“Hydro is working to contain and neutralize the attack, but does not yet know the full extent of the situation,” the company said in a statement posted to Facebook.
Operations in Qatar and Brazil are also reportedly under manual operation, but the company said in a public disclosure with the Norwegian stock exchange there was “no indication” of impact on primary plants outside Norway.
“It is too early to assess the full impact of the situation. It is too early to assess the impact on customers,” the company said.
Though the extent and specifics of this breach are still unknown, a successful cyber attack on a company as large and globally active as Norsk Hydro would have the potential to echo 2017’s devastating Not Petya attack.
According to Property Claim Services (PCS) the total industry loss from the 2017 attack has now passed $3 billion, roughly 90% of which was driven by silent cyber impacts, the remainder from affirmative losses.
An update has been provided by Norsk Hydro suggesting the company’s cyber policy does include Business Interruption cover.