OSLO (Reuters) - Norsk Hydro, one of the world’s largest producers of aluminum, was battling on Tuesday to contain a cyber attack which hit parts of its production, sending its shares lower.
The company shut several metal extrusion plants, which transform aluminum ingots into components for car makers, builders and other industries, while its giant smelters in countries including Norway, Qatar and Brazil were being operated manually.
The attack, which began on Monday evening and escalated overnight, affected the company’s IT systems for most of its activities.
“Hydro is working to contain and neutralize the attack, but does not yet know the full extent of the situation,” the company said in a statement.
It added that the attack had not affected the safety of its staff and it was too early to assess the impact on customers.
The event was a rare case of an attack on industrial operations in Norway. The last publicly-acknowledged cyber attack in the Nordic country was on software firm Visma, when hackers working on behalf of Chinese intelligence breached its network to steal secrets from its clients.
Companies and governments have become increasingly concerned about the damage hackers can cause to industrial systems and critical national infrastructure following a number of high-profile cyber attacks in recent years.
In 2017, attacks later blamed by the United States on Russia and North Korea caused millions of dollars of damage to companies worldwide, crippling computers in industries from shipping to sweet making. Moscow and Pyongyang have denied the allegations.
In Ukraine, meanwhile, authorities have seen hackers knock electricity grids and transport systems offline, and an attack on Italian oil services firm Saipem late last year destroyed more than 300 of the company’s computers.
FROM CARS TO CONSTRUCTION
Hydro makes products across the aluminum value chain, from the refinement of alumina raw material via metal ingots to bespoke components used in cars and the construction industry.
“Some extrusion plants that are easy to stop and start have chosen to temporarily shut production,” said a Hydro spokesman.
The company’s hydroelectric power plants were running as normal on isolated IT systems unaffected by the outage.
The Norwegian state agency in charge of cyber security said Hydro contacted them early on Tuesday and that it was assisting the company.
“We are ... sharing this information with other sectors in Norway and with our international partners,” said a spokeswoman for the Norwegian National Security Authority (NSM). She declined to comment on the nature of the attack.
Norsk Hydro’s main website page was unavailable on Tuesday, although some of the web pages belonging to subsidiaries could still be accessed. The company was giving updates on the situation on its Facebook page.
“Hydro’s main priority now is to limit the effects of the attack and to ensure continued people safety,” it wrote in a Facebook post.
Hydro’s shares fell 3.4 percent in early trade before a partial recovery to trade down 0.9 percent by 1121 GMT. It was still lagging the Oslo benchmark index, which was up 0.9 percent.
Hydro, which has 36,000 employees in 40 countries, recorded sales of 159.4 billion crowns ($18.7 billion) last year, with a net profit of 4.3 billion crowns.
Additional reporting by Nerijus Adomaitis in Oslo, Jack Stubbs and Barbara Lewis in London; editing by Keith Weir, Emelia Sithole-Matarise and Kirsten Donovan
Our Standards:The Thomson Reuters Trust Principles.