Breach cyber

Norsk Hydro

May 7, 2024 1 min read
Norsk Hydro

In March, Norsk Hydro, one of the world's largest aluminum producers, fell victim to a ransomware attack that brought production to a standstill at some of its 170 plants, forcing others to switch to manual operations. The breach ultimately impacted all 35,000 employees across 40 countries, with the financial toll nearing $71 million. The attack commenced when an employee inadvertently opened a malicious email from a trusted customer. LockerGoga ransomware encrypted files across thousands of the company’s servers and PCs, displaying a ransom note demanding payment in bitcoins for decryption. Norsk Hydro responded by refusing to pay the ransom, collaborating with Microsoft's cybersecurity team to restore operations, and maintaining full transparency about the breach to help others learn from their experience.

Source: https://news.microsoft.com/source/features/digital-transformation/hackers-hit-norsk-hydro-ransomware-company-responded-transparency/

TPRM report: https://scoringcyber.rankiteo.com/company/norsk-hydro

"id": "nor307050724",
"linkid": "norsk-hydro",
"type": "Breach",
"date": "03/2019",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Aluminum Production',
                        'location': 'Global',
                        'name': 'Norsk Hydro',
                        'size': '35,000 employees',
                        'type': 'Corporate'}],
 'attack_vector': 'Malicious email',
 'date_detected': 'March 2019',
 'description': "Norsk Hydro, one of the world's largest aluminum producers, "
                'was hit by a ransomware attack that impacted production at '
                'its plants and forced others to switch to manual operations.',
 'impact': {'financial_loss': '$71 million',
            'operational_impact': 'Production standstill, switch to manual '
                                  'operations',
            'systems_affected': ['servers', 'PCs']},
 'initial_access_broker': {'entry_point': 'Malicious email'},
 'motivation': 'Financial gain',
 'ransomware': {'data_encryption': 'Files encrypted',
                'ransom_demanded': 'Bitcoins',
                'ransom_paid': 'Refused to pay',
                'ransomware_strain': 'LockerGoga'},
 'response': {'communication_strategy': 'Full transparency',
              'third_party_assistance': "Microsoft's cybersecurity team"},
 'title': 'Ransomware Attack on Norsk Hydro',
 'type': 'Ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

Helsinki

public 1 min read
A data breach affecting Helsinki, Finland’s capital and largest employer, exposed sensitive personal data of over 300,000 people.…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.