The hacking campaign that hit Norwegian aluminium producer, Hydro has already cost the company in excess of £25m.
Last week GDPR: Report revealed that Hydro had been forced to revert to manual processes at many of its branches following a ransomware outbreak.
A number of the firm’s smelting plants were brought to a standstill, while operations were redirected through alternative channels as bosses struggled with the cyber-attack.
The primary website was forced offline, leaving Hydro to resort to Facebook in order to communicate with the outside world.
Now Hydro has stated that affected systems are slowly being brought back to life, but officials have said that the current estimated cost of the incident is in the region of 300-350 million kroner. Most of the money has been lost through the company’s Extruded Solutions division which manufactures aluminium facades.
Production has taken a 20/30% hit within the Extruded Solutions division, while one of the entity’s elements, which creates doors and windows, is reported to still be “at a standstill.”
Despite the heavy disruption, industry specialists have been quick to praise Hydro’s transparency in response to the events
In a blog, Kevin Beaumont said that the Norwegian company had demonstrated “the best incident representation response plan” he had ever witnessed.
“They had a temporary website up, they told the press, they told their staff, they apparently didn’t hide any details — they even had daily webcasts with the most senior staff talking through what was happening, and answering questions,” he added.
In a tweet, cyber-security advisor, Dale Paterson, was similarly approving of Hydro’s actions.
“Surprising, and tremendous for understanding impact, for Norsk Hydro to lay out impact by business area in this update. SEC should take note for public company reporting,” he said.
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/