Oslo-based aluminum producer Norsk Hydro ASA has acknowledged being the victim of a cyberattack that affected its operations and procedures at several production locations, both in Europe and the United States.
In an update posted to its website on Thursday, March 21, Norsk states, “The attack has been reported to Norway’s National Investigation Service (Kripos), and the police have opened an investigation.”
The company says it is has “made further progress in securing safe and stable operations across the company,” but although the situation is “progressing from day to day, it is still not clear how long it might take to restore stable IT operations.”
The update indicates the company’s scrap-fed Extruded Operations business unit has been among the most seriously affected. “Extruded Solutions is currently running at approximately 50 percent of normal capacity,” states the firm as of March 21. “Progress has been made, with restart of some plants as well as utilizing [inventory] to keep delivering to customers. Extruded Solutions is working hard to enable further restarts during the coming days, which would allow for continued deliveries to customers.”
That contrasts with the firm’s Energy and Bauxite & Aluminum business units, which Norsk Hydro describes as “running as normal.”
The company says of its Rolled Products business unit that “production is running mostly as normal, with only a few exceptions,” while in its Primary Metal operations, “production is running as normal, with [a] higher degree of manual operation.”
Hyrdo’s Extruded Solutions business unit has more than 100 locations “with local manufacturing in approximately 40 countries,” according to the firm. The company claims to use more than 50 percent scrap content in its extruded products, stating on its website, “More than half of the aluminum that you receive from us in product form has been used before.”
The company has 21 extrusion plants in the U.S., three in Canada and two in Mexico. In Europe, Hydro has more than 60 extrusion facilities throughout the continent.
Norsk Hydro announced it had been victimized by the attack on Tuesday, March 19. It claims to have discovered the situation in the early morning hours (Central European Time) that same day.
“Experts from Microsoft and other IT security partners have flown in to aid Hydro in taking all necessary actions in a systematic way to get business critical systems back in normal operation,” states Jo De Vliegher, Norsk Hydro’s head of information systems, as of March 21.
“With a systematic approach, our experts are step by step restoring business critical IT based functions to ensure stable production, serve our customers and limit financial impact, while always safeguarding our employees’ safety,” states Norsk Hydro Chief Financial Officer Eivind Kallevik in the same March 21 update.