[BreachExchange] Norsk Hydro receives first cyber insurance payout of $3.6 million for breach-related losses

Wed Oct 30 10:03:55 EDT 2019

https://www.computing.co.uk/ctg/news/3083156/norsk-hydro-receives-first-cyber-insurance-payout-of-usd36-million-for-breach-related-losses

Norsk Hydro, the aluminium manufacturing firm that suffered an
extensive cyber attack in March, claimed approximately $3.6 million
from its insurers in the third quarter of 2019.

The pay-out represents just six per cent of the total $60 million to
$71 million in costs (in the third quarter) resulting from the breach.
The company said it expects more compensation to come as more costs
are totalled in coming months.

"Hydro has a robust cyber insurance in place with recognised
insurers," the company stated in its Q3 results release.

Norsk Hydro is based in Norway, with a presence in around 40
countries. It specialises in producing alumina and bauxite, rolled and
extruded aluminium products, various forms of primary metal and
hydroelectric power. The firm employs more than 35,000 people
worldwide.

In March, the company announced that it had been affected by a massive
ransomware attack, starting in its US facilities and later spreading
to other locations. Security teams detected abnormal activity on its
systems that disabled part of its smelting operations on 19th March.

After the attack was confirmed, management decided to isolate all
plants and operations. Many plants were switched to manual procedures
and operations to check the spread of the virus. Later, the company
moved to relying on legacy technology like fax machines.

An initial investigation revealed that hackers used a strain of the
LockerGoga ransomware to compromise the systems of Norsk Hydro.
LockerGoga can encrypt files with extensions such as .doc, .docx,
.xlsx, .ppt and .pdf.

The company did not pay the ransom demand and instead chose to restore
its systems from backups.

The Extruded Solutions business suffered the most significant
financial losses due to the attack, the company said.

Initially, the breach was thought to cost around $40 million, but the
figure increased to $52 million in May and to $69 million in June.

The new calculations in July suggested that the attack could have had
a financial impact of up to $75 million in the first half of 2019.

The latest announcement from Norsk Hydro reveals that the estimated
financial impact of the breach in the first half of the year remains
unchanged, with "limited" financial impact on Q3.