Serviceteam IT Security News
Norsk Hydro is still in the process of restoring its IT systems after a devastating ransomware attack last week which has already caused the firm as much as £40m ($41m).

The Norwegian firm, one of the world’s largest producers of aluminium, was forced to call in national security authorities after it suffered a malware attack on March 18.

It soon emerged that the culprit was a strain of ransomware known as LockerGoga. However, the firm refused to pay the ransom and began the process of restoring from back-ups, drafting in experts from Microsoft and other third-party tech partners to “get business critical systems back in normal operation.”

In an update on Tuesday, the firm claimed that “most operations” are now running at normal capacity. However, the most affected area, Extruded Solutions, is only at 70-80% and its Building Systems business unit is still at a standstill.

Norsk Hydro expects Building Systems to gradually ramp-up production and shipments over the coming week.

“Based on a high-level evaluation, the preliminary estimated financial impact for the first full week following the cyber-attack is around NOK 300-350 million (£26-40m, $35-41m), the majority stemming from lost margins and volumes in the Extruded Solutions business area,” the update noted.

“Hydro has a solid cyber risk insurance policy with recognized insurers, with global insurer AIG as lead.”

It will be hoping that its insurance policy hasn’t been invalidated by a lack of adequate security measures, and/or that there are no surprises in the small print.

Both DLA Piper and Cadbury’s owner Mondelez are locked in legal disputes with their insurers over multi-million claims to cover losses from NotPetya. In the latter’s case, Zurich is claiming the attack was an ‘act of war’ and therefore not covered.

“Recovering the costs of the cyberattack even with reputable cybersecurity insurers can be non-trivial,” argued Securonix VP of threat research, Oleg Kolesnikov.

“Fortunately, NotPetya had a number of differences from LockerGoga, particularly in that, as UK officials believed, a nation-state-level malicious threat actor was involved with NotPetya, and the purpose of the NotPetya attack was more along the lines of a cyber sabotage than a classic ransomware attack.”

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!