Huge aluminium plants hit by ransomware attack | All Charts News - breaking news english

# # # # # #
Hydro company logoImage copyright Getty Images
Image caption Hydro employs more than 35,000 people

One of the world’s biggest aluminium producers has switched to manual operations at its Norwegian smelting plants following a ransomware attack.

Hydro, which employs more than 35,000 people in 40 countries, says the attack began on Monday night and is ongoing.

Some of the company’s factories have been forced to halt production though other facilities, including its power plants, were functioning normally.

The firm’s website is down but updates are being posted to Facebook.

“IT systems in most business areas are impacted,” the firm said in one statement.

Staff at some factories are fulfilling orders that have been printed out, while they are unable to access customer order data on their computers.

A spokesman told the BBC that he could not yet confirm who was behind the attack.

Notices have been posted at the entrances to some of Hydro’s offices telling employees not to log in to their computers.

Local media in Norway reported that the cyber-attack was caused by a relatively new form of ransomware known as LockerGoga. However, a spokesman for Hydro declined to confirm this.

Image caption Hydro’s main public-facing website is currently offline

Hydro told the BBC that digital systems at its smelting plants were programmed to ensure machinery worked efficiently.

However, these systems had had to be turned off.

“They are much more reliant today on computerised systems than they were some years ago,” a spokesman said.

“But they have the option of reverting back to methods that are not as computerised, so we are able to continue production.”

According to the Reuters news agency, Hydro had shut down some of its smaller metal extrusion plants.

Relying on back-ups

The firm said it was working to contain and “neutralise” the attack and added that it had not caused any safety-related incidents.

It added that it had data backups ready with which to restore systems once the virus had been dealt with.

Norway’s state cyber-security agency is also helping Hydro to respond to the incident.

Cyber-security expert Kevin Beaumont told the BBC that if the LockerGoga ransomware had been used, it would likely have been deployed to Hydro’s systems manually by an attacker.

This could have been done by someone who had gained administrator access to those systems.

“For an industrial manufacturing business this is potentially bad news, as it may have spread across their company, including near industrial control systems,” added Mr Beaumont.