Following yesterday’s news of an extensive malware attack on aluminium manufacturing giant Norsk Hydro, the firm’s Chief Financial Officer Eivind Kallevik has stated that its cyber insurance policy includes Business Interruption (BI), but was unable to provide further information.
“I’ll be careful going into details of the insurance coverage,” said Kallevik. “We have a good and strong cyber insurance policy in place with reputable international insurance firms and they do cover Business Interruption.”
The company’s operations were disrupted after unusual activity was spotted on its server by IT experts. It’s understood that the attack disabled a key part of the company’s smelting operations.
After detecting the anomaly, Norsk Hydro isolated all plants and operations and switched to manual operations and procedures.
In a conference today Kallevik said the attack has been reported to Kripos, a special agency of the Norwegian Police Service, and an official investigation has been opened.
“We don’t have a fixed timeline on how to restore and stabilise all of our systems, but we are pleased to report that we have had progress overnight,” said Kallevik.
“The critical development for us has been the detection of the cause, which is a prerequisite for us to start working on our plan and process to safely restart our IT systems.”
Kallevik added that despite the disruption and ongoing uncertainty, many operations are largely running as normal, and there is currently no indication of lost business at this time.
Whilst confirming that the attack was indeed ransomware in nature, Kallevik said the company is yet to have received a demand from the attack’s perpetrators.