Ransomware is a strain of malware whose very name sends shivers down the spine of most business owners but not all companies are taking sufficient measures to mitigate against this threat.
Indeed, one recent attack on Norsk Hydro served as a reminder that it is not just smaller companies who are vulnerable to this threat. Even the big players, with their sophisticated IT systems, are open to exploitation.
Norway-based Norsk Hydro, one of the world’s largest makers of aluminium, employs 35,000 people in up to 40 countries. The cyberattack, first detected by the company’s IT experts in March 2019 left the aluminium producer struggling to maintain operations despite shutting down some plants and going into manual mode for others.
Norway’s national CERT, NorCERT, reported that the attack was powered by a relatively new piece of ransomware named LockerGoga and that it may have also involved an attack on the company’s Active Directory system. NorCERT has warned other Norwegian companies about the attack.
LockerGoga is also believed to have been used earlier this year in an attack aimed at French engineering consultancy Altran Technologies.
What they lost is productivity they gained in reputation
It has been over three months since Norsk Hydro’s IT systems were compromised and, most worrying of all, the company admits it is still several months away from making a full recovery. They estimate it has cost them more than £45m.
But some industry experts say that what they have lost in monetary terms, they may have gained in reputation due to the honourable way they responded.
Norsk Hydro’s approach has been described by law enforcement organisations as “the gold standard” – not only because they refused to pay the hackers but because of the openness and transparency they have shown to the outside world about their experience.
The overriding message to SMEs everywhere is that if this can happen to the big boys, it can happen to you. If you have any concerns over your own data security, you should seek professional advice today.