Beginning in the early hours of last Tuesday, March 12, global Aluminum manufacturer, Norsk Hydro, became yet another victim of a cyberattack. The attack shut down many of the Oslo-based company’s automated production lines operating in several different continents, forcing a quick switch to manual production.

The attack came, it is suspected, from within the U.S. as part of the so-called LockerGoga ransomware  that encrypts all files unless companies pay up for the decrypting key. Norsk Hydro didn’t disclose the amount demanded and didn’t pay up, and as of this writing it appears to be on its way to restarting operations with backup files.


The Commodities Sector a High Risk Target for Cyber Attacks

The Norsk Hydro ransomware calamity is no isolated event. It’s only the latest to hit the commodities sector. In January, zinc smelter Nyrstar NV was hit as was French technology maker Altran, damaging global operations for both companies. Also hit by cyberattacks in recent months were Saudi and Russian oil giants Aramco and Rosneft PJSC, and Archer-Daniels-Midland, one of the world’s largest agricultural processors and food ingredient providers.


Responding to a Ransomware Crisis

In each one of these crises, one can easily picture the stressful, full-court press the IT team members would be engaged in. They’re on the front lines fighting for the life of the company, trying to identify how the malware penetrated the company’s firewalls and scrambling to find ways to recover.

While the IT forges ahead, the overarching corporate crisis team would have been quickly mobilized after realizing the attack as an existential threat to the organization’s business mission. One can speculate that these global companies have each availed themselves of a crisis management mobile app capable of convening the crisis team within minutes once IT alerted them of the attack. The crisis team would then be able to use its mobile app to stay in close, two-way communication with IT team members who are so central to the management of the crisis.

But central as the IT team members are to managing the crisis, their efforts are only part of the story. The corporate crisis management team would also have its hands full. With two-way communications established with the IT team (likely as well as with law enforcement on several different continents), the most recent updates regarding the attack can then be used in a raft of actions and communications. These would have to be executed by the crisis team in a timely way — each one strategically sound and legally scrutinized.


The Norsk Hydro Cyber Attack Crisis Response

In the Norsk Hydro situation, which is representative of all the commodity companies that have been recently attacked, Norsk Hydro’s crisis team had to take actions that included…

  • All 35,000 employees in 40 countries had to be alerted quickly and, among other directives, instructed not to connect their devices to the company’s computer system.
  • Some of these employees had to be tasked with operating computer-controlled production lines manually.
  • Shareholders needed to be alerted to this very material event, particularly the  Norwegian government, which is Norsk Hydro’s largest shareholder with a 34 percent stake in the company.
  • Customers needed to be informed about the possibility of shipment delays.  Legal experts were needed to weigh in on all internally and externally directed communications.

To its credit, Norsk Hydro has done an outstanding job of communicating openly and in a very timely way with stakeholders about its crisis, providing frequent updates.

But the Norsk Hydro ransomware attack is a lot for a crisis team to handle, and one can only imagine the stress and sleeplessness its crisis team members are under as they engage in the still-ongoing, highest-stakes crisis management.


Preparing for Ransomware Attacks

How can the crisis team members at Norsk Hydro or any other company under a potentially devastating cyberattack stay calm and operate effectively? The one step that would help immeasurably would be for them to have reliable, state-of-the-art crisis management software – a technology platform that makes it easier for a team to work through all the diverse steps that have to be taken to be maximally effective in managing the crisis.

It seems evident that global commodities companies can anticipate more such ransomware and other kinds of cyberattacks. A crisis management mobile app put in the hands of crisis team members gives them an orderly framework for managing a crisis wherever they are in the world. The technology reduces their inevitable stress by ensuring that team communications are instantaneous and that every task is assigned, tracked and archived in a disciplined, timely manner.

Ransomware is here to stay as a potentially devastating cyber attack threat that we all face. Which is all the more reason to be prepared for the worst, that we may may bring about the best outcome.