How A Ransomware Attack Cost Norsk Hydro £45 Million 


What Is A Ransomware

Ransomware, one of the increasing malware cyberthreat of the 21st century, endangers enterprises and public organizations throughout the world. An unusually destructive and evolving variety of malicious software, it affects mobile devices and computers, frequently expanding across networks to other devices. Once it jeopardizes a system, it unobtrusively encrypts every information file it finds, then presents a ransom note to the user necessitating a virtual payment of thousands of dollars (As in cryptocurrencies such as Bitcoin) in replacement for the decryption codes required to reestablish the user’s locked data.

The Ransomware That Cost Norsk Hydro £45 Million

A similar ransomware attack targeting Norsk Hydro, the company has estimated that the costs it incurred because of it have reached £45 Million. The reputed global aluminum producer was the recent victim to a ransomware attack, which hit 22,000 computers across 170 different sites in 40 different countries. Norsk Hydro was in the news not just because they were a victim of the ransomware attack, but because that they never paid. The hackers were never even asked how much money they wanted. 

Chief information officer Jo De Vliegher reopens the ransom note that appeared on computers all over the company. It read: “Your files have been encrypted with the strongest military algorithms. Without our special decoder, it is impossible to restore the data.”

How The Ransomware Affected Norsk Hydro

The entire workforce of 35,000 employees had to work on pen and paper. The production lines operated with manual functions for producing molten metal. In some cases, long-retired workers came back in to help colleagues run things the old fashioned way. Even three months after the initial attack, Norsk Hydro is still many months away from making a full recovery. But the respectable factor is that they never heeded to a cybercriminals demand and took a better approach to face their misfortune. What Norsk Hydro suffered in productivity or finance, was arguably gained in reputation with their idealistic act. Norsk Hydro

Law enforcement organizations and the information security industry has regarded Norsk Hydro’s acknowledgment as The gold standard. Not only did they decline from paying the hackers, but they’ve also been entirely disclosed and transparent with the world about what had happened to them.

The golden rule when it comes to ransomware is to never pay your attackers. The FBI warns against it, as there is no guarantee that the attackers will release all hacked data back. Regrettably, due to the lack of backup or several other issues, several organizations haven’t got much choice, 

“I think in general it’s a very bad idea to pay,” says Jo De Vliegher, Chief Information Officer at Norsk Hydro. “It fuels industry and it’s probably financing other sorts of crime. It goes against our company values and we have good foundations and good people.


For several organizations, the loss from a ransomware attack extends beyond expenses and includes company reputation. While this metric is difficult to estimate, some organizations apprehend that a security conflict may defame their brand and have a negative impact on potential customers. To evade becoming victims of the widespread cyber threats and ransomware attack, corporations and public organizations such as hospitals will have to take assistance from leading-edge cybersecurity providers to keep data safe from cybercriminals. 

Post a Comment