
One of the world’s largest producer of Aluminium, Hydro, has been hit by what could be known as a severe ransomware attack.
Hydro, which operates in 40 countries and has an employee base of over 35,000, announced that the attack began on Monday and is still active.
While production in most of the company’s factories has been halted indefinitely, some smelting plants have switched operations to manual following the attack.
Most of the smelting plants in the U.S and Norway were amongst the many plants affected by the sudden halt.
The company’s website down, but regular updates concerning the development have been posted on the company’s page on Facebook. The company has also posted public notices at the entrance to most of the plants warning their staffs to not log in to their work computers.
Instead, the employees were advised to use their mobile tablets and phones to read and respond to their emails.
Security agencies from Norway are currently looking at the possibility that the attack could’ve been caused by a new form of ransomware known as LockerGoga. They, however, noted that it was unclear if the attack was the case.
A spokesperson for the company noted that all the digital systems at Hydro’s plants were designed to ensure processes and machinery worked efficiently. But due to the ransomware attack, the systems had to be shut down at some of the plants. He noted that the machinery had the options of reverting to manual operation, so work could still continue.
The company has also revealed that with external support, the technical team has been able to identify the root cause of the attack and is working towards validating and restarting the IT infrastructure in a safe and sound manner.
The company is unclear how long it might take to get its systems running.
Experts have postulated that if the LockerGoga ransomware was indeed employed in the attack, it would have to be done manually by an attacker who gained administrator privileges to Hydro’s systems.