Several commentators have praised Norsk’s response to the incident. It estimated the attack has cost NOK300–350 million (£27–31 million) so far, mainly because of having to shut down production in the extruded solutions unit, which produces aluminium components for building, electronics and transport industries. In a recent statement the company said the threat has now been contained and most operations are running at normal capacity – but that many industrial systems were still being run manually while backups were restored. Staff at 40 offices and manufacturing facilities were told to disconnect devices from the network while security experts were brought in to fix the issue.
#Hexio level 40 manual
In the immediate aftermath of the incident Norsk was forced to switch to manual production at its plants.
#Hexio level 40 software
There are several possibilities, including stolen remote desktop credentials, phishing and targeting software that hasn’t been adequately updated or patched to improve security.
Investigators aren’t 100% sure how it got into the systems at Norsk, Momentive and Hexion. He adds that LockerGoga is a relatively new and evolving ransomware, with dozens of variants. ‘The chemical, petrochemical and other relevant sectors are vulnerable to ransomware and other forms of malware due to the convergence of Internet of Things and other automation technologies.’ ‘Ransomware is easy to deploy and it proves profitable if even one victim decides to pay,’ he says. Parham Eftekhari from the Institute for Critical Infrastructure Technology in the US tells Chemistry World ransomware infections have greatly increased over the past three years. The incidents follow warnings from security experts that chemical companies are vulnerable to cyber attacks. The Motherboard report says the wording of the ransom demand to Momentive was identical to that received by Norsk. The same encryption program – called LockerGoga – is thought to be behind all three attacks. According to an anonymous employee, who spoke to Motherboard, these attacks occurred earlier than the one on Norsk, on 12 March. Both are owned by the public equity firm Apollo Global Management. Parham Eftekhari, Institute for Critical Infrastructure TechnologyĪ few days later, two US-based chemical companies – Momentive and Hexion – announced they had also been hit by cyber attacks and had shut down IT systems to contain the incidents. The chemical, petrochemical and other relevant sectors are vulnerable to ransomware and other forms of malware The malware issued a ransom note stating that files had been encrypted and demanding payments in bitcoin to restore access to data. On 19 March the global aluminium producer Norsk Hydro was forced to shut down its plants and worldwide network after a security breach led to access to files being blocked and passwords changed to user accounts across several of its corporate and production control systems.
Three large chemical manufacturing companies based in Norway and the US have fallen victim to ransomware attacks, after a program called LockerGoga gained access to systems, encrypted files and disrupted operations.
0 kommentar(er)
