How a Vicious and Unsuspecting Ransomware Attack, reduced a Global Company to Pen and Paper

 

Just this week a Norwegian aluminium and renewable energy consortium, known as ‘Norsk Hydro’, had their systems infiltrated and locked by a team of unauthorised individuals. This then led to a mass panic whilst the company struggled to come to terms with the fact that over 22,000 of their computers had been affected by the attack and data stored in over 40 countries was inaccessible.

 

The company was baffled at how effective and precise the initial hack was and that the hackers had claimed to have used ‘Military Grade’ encryption, this would therefore mean that recovering any of their stored data would not be as straight forward as first intended, even with all of their precautions in place.

 

The hack which affected almost all of the company’s devices had forced the entire workforce, of 35,000 individuals, to resort to legacy methods of Pen and Paper and using antiquated fax machines to send and receive documentation.

 

The attack originated over 8 months ago in March, however the individuals who orchestrated the attack had infiltrated the system some time before the attack had taken place, essentially the hackers were scoping out useful documents that they could take, all done whilst being undetected.

 

However, the company refused to pay the ransom that was demanded by the unauthorised individuals, this was a major benefit for the company as it eliminated submissive behaviour, which is what hackers thrive to achieve in order for them to be successful.

 

Additionally, the manner in which Norsk Hydro dealt with the publication of the attack within the global media was widely accepted and with the company being transparent rather than reluctant the overall image of the company retained a positive light rather than receiving criticism.

 

Finally, the overall effect that this has had on the company has been extremely negative and has lead to correction costs of over £45 Million GBP, this amount of money is not the final amount that the company estimates on spending in order to recover from the attack which left their workforce majorly restricted as they expect this number to rise substancially once systems are fully back online.