Saturday April 6, 2019
Synopsis:
One of the world’s biggest aluminum producers, multinational manufacturer Norsk Hydro, announced that it had been hit by a ransomware attack of unknown origin, with hackers demanding a ransom.
The attack caused severe damage to the corporate network by disabling network communications on every computer, encrypting files and changing local user accounts to prevent recovery procedures.
Norsk Hydro’s incident response team isolated part of the production facilities moved some plants to manual or semi-manual operations and brought external IT and cyber security experts in to assist in investigation and recovery operations.
Although the exact incident details are still unclear, we will focus our analysis on this architectural issue.
