Pierluigi Paganini March 27, 2019

Norwegian aluminum giant Norsk Hydro estimates more than $40 million losses in the first week following the ransomware attack that disrupted its operations.

Last week Norwegian Norsk Hydro, one of the biggest Aluminum producer, suffered an extensive cyber attack that impacted operations in several of the company’s business areas across Europe and the U.S.

The news of the cyber attack had an immediate economic impact and caused a drop in the share price of 2.0 percent in early trading on the Oslo Stock Exchange.

Now the company estimates that in just one week after the ransomware attack has more than $40 million losses.

The company systems were infected with a variant of the LockerGoga ransomware starting on March 18. The same ransomware is believed to be the threat that hit two major US-based chemical companies, Hexion and Momentive, in the days after the Hydro attack.

Even if it is soon to provide a precise estimate on the financial impact for the cyber attack, in an update provided by Norsk Hydro on Tuesday, the company estimated losses between 300-350 million Norwegian crowns ($35 – $41 million).

According to the company, the majority of the losses were in the Extruded Solutions area, which has suffered major damages after the attack.

“A week after Hydro became subject to a cyber attack, most operations are running at normal capacity. In the most affected business area, Extruded Solutions, production is now at 70-80%, except for the Building Systems business unit, where operations remain almost at a standstill.” reads the update published by the company.

“It is premature to give any precise or detailed overview of the financial impact at this point. Based on a high-level evaluation, the preliminary estimated financial impact for the first full week following the cyber attack is around NOK 300-350 million, the majority stemming from lost margins and volumes in the Extruded Solutions business area.”

“Hydro has a solid cyber risk insurance policy with recognized insurers, with global insurer AIG as lead,” the company stated.

Hydro reported a production rate of 70-80% in Extruded Solutions, including Extrusion Europe, Extrusion North America, and Precision Tubing. The company confirmed that the Building Systems unit is almost completely halted, while on Friday, the Extruded Solutions unit had been running at roughly 50% of the ordinary capacity. According to Norsk Hydro, its staff could take weeks before restoring a completely normal situation.

“Based on current progress the expectation is for Building Systems to gradually ramp up production and shipments during the week,” the company said.

Hydro confirmed to have locked out the threat and cleaned up all the infected systems, it did not pay the ransom and restored the servers using backups.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Norsk Hydro, ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]