Ransomware cyber

Norsk Hydro

May 13, 2024 1 min read
Norsk Hydro

In March 2019, Norsk Hydro, a global aluminum company, was hit by LockerGoga ransomware affecting all 35,000 employees across 40 countries, disrupting production lines, and forcing manual operations. The financial impact was near $71 million as hackers deployed the ransomware through a trusted customer's infected email opened by a Norsk Hydro employee. Despite the severity, Norsk Hydro made three decisions: refusing to pay the ransom, collaborating with Microsoft’s cybersecurity team to restore operations, and maintaining transparency throughout the crisis. This approach of sharing their experience publicly received worldwide praise.

Source: https://news.microsoft.com/source/features/digital-transformation/hackers-hit-norsk-hydro-ransomware-company-responded-transparency/

TPRM report: https://scoringcyber.rankiteo.com/company/norsk-hydro

"id": "nor423051324",
"linkid": "norsk-hydro",
"type": "Ransomware",
"date": "03/2020",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Aluminum',
                        'location': 'Global',
                        'name': 'Norsk Hydro',
                        'size': '35,000 employees',
                        'type': 'Company'}],
 'attack_vector': 'Email',
 'date_detected': 'March 2019',
 'description': 'In March 2019, Norsk Hydro, a global aluminum company, was '
                'hit by LockerGoga ransomware affecting all 35,000 employees '
                'across 40 countries, disrupting production lines, and forcing '
                'manual operations. The financial impact was near $71 million '
                'as hackers deployed the ransomware through a trusted '
                "customer's infected email opened by a Norsk Hydro employee. "
                'Despite the severity, Norsk Hydro made three decisions: '
                'refusing to pay the ransom, collaborating with Microsoft’s '
                'cybersecurity team to restore operations, and maintaining '
                'transparency throughout the crisis. This approach of sharing '
                'their experience publicly received worldwide praise.',
 'impact': {'brand_reputation_impact': 'Worldwide praise',
            'financial_loss': '$71 million',
            'operational_impact': 'Manual operations',
            'systems_affected': 'Production lines'},
 'initial_access_broker': {'entry_point': "Trusted customer's infected email"},
 'motivation': 'Financial',
 'ransomware': {'ransom_paid': 'Refused to pay',
                'ransomware_strain': 'LockerGoga'},
 'response': {'communication_strategy': 'Transparency',
              'third_party_assistance': 'Microsoft’s cybersecurity team'},
 'title': 'Norsk Hydro Ransomware Attack',
 'type': 'Ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Ransomware cyber

Intel

public 1 min read
The Iranian ransomware-as-a-service operation, Pay2Key.I2P, reemerged after a five-year hiatus, targeting organizations in the US and Israel. The group,…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.