Ransomware attacks have become increasingly frequent on a global level, and in a new development, aluminum producing giant Hydro has become the victim of the latest such attack. It is one of the world’s biggest producers of aluminum and has a presence in as many as 40 countries across the world. It has employee strength of around 35000. The ransomware attack started on Monday night, and according to reports, it is still ongoing. In a development that would definitely demonstrate the severity of the attack, the bulk of the operations in some of its plants are now being done manually and what is even more damaging is the fact that many of the factories have had to stop operations altogether.
Employees of the company all over the world have been instructed to not use their office computers and instead, most of them are using their cell phones to get on with their normal activities. Hydro factories in the United States and plants located in Norway have been the hardest hit during the course of this attack. Although the company’s website is currently gone due to the attack, Hydro is providing updates about the developments through their Facebook page.
Security experts in Norway have been called in to look into the matter, and according to them, the type of ransomware that has been used to cripple Hydro is most likely to be something known as LockerGoga. Ransomware attacks are usually associated with a demand for money so that the problem could be fixed, but Hydro has confirmed that they are unaware of the identity of the attackers. Although one would expect that organizations of the size of Hydro would have suitable security systems in place, vulnerabilities almost always exist in the security infrastructure. It is believed that the smelting plant systems were equipped to withstand such attacks, but apparently Hydro decided to stop those systems as well. A spokesperson at the company stated,
“They are much more reliant today on computerized systems than they were some years ago. But they have the option of reverting back to methods that are not as computerized so that we can continue production.”
A cybersecurity expert told BBC that if the ransomware turns out to be LockerGoga, then it is highly likely that it was done manually rather than remotely. He went on to add,
“For an industrial manufacturing business this is potentially bad news, as it may have spread across their company, including near industrial control systems,”