Aluminium supplier Norsk Hydro hit by cyber attack

Will Green is news editor of Supply Management
20 March 2019

Aluminium supplier Norsk Hydro says it is still able to fulfil customer orders despite a cyber attack.

The company said it had been forced to isolate plants and operations from its global computer network and revert to manual processes following the ransomware attack in the early hours of Tuesday.

The company, which has 35,000 employees in 40 countries, has experienced some production disruption but is able to process customer orders using printouts.

Eivind Kallevic, CFO at Norsk Hydro, said: “The situation is quite severe. The entire worldwide network is down, affecting our production as well as office operations.

“We are doing all we can to minimise the impact on our customers.”

Kallevic said the virus, which locks a computer and demands payment, started in the US but they had no idea who was behind the attack. Staff are using mobiles and tablets to communicate.

Hydro said it still does not know when normal operations will resume and “it is still too early to estimate the exact operational and financial impact”.

“Work to resolve the situation and ensure safe and sound operations remain top priority, with internal and external experts on duty continuously to ensure that all possible efforts are being made,” said the company.

Tim Mackey, senior technical evangelist at Synopsys, said: “Minimally, this attack provides a lesson in the value of both network segmentation and ensuring that threat models are created, assuming the threat comes from an internal source.

“With increasingly sophisticated attacks, organisations must assume attackers could compromise internal systems as easily as they might attempt to breach a firewall into a production system.”

 Want to stay up to date with the news? Sign up to our daily bulletin.

CIPS Knowledge
Find out more with CIPS Knowledge:
  • best practice insights
  • guidance
  • tools and templates