Hydro “making progress” after attack as experts call for more cyber cooperation
19 Mar 2019
Renewable energy and aluminium supplier Norsk Hydro, whose holdings include several UK sites, said today (Wednesday) it had made progress in dealing with the effects of a cyber-attack this week.
A short statement on the firm’s website read: “Following an extensive cyber-attack on Tuesday 19 March 2019, Hydro has made progress in securing safe and stable operations across the company.”
The company stated previously that the attack had affected its IT systems and it had responded initially by relying on manual operations where this was possible.
Security analysts have long been concerned by the need for firms to increase vigiliance against cyber attacks. As a large operation, Norsk Hydro's security precautions are likely to be more sophisticated than many manufacturing, utility and process companies.
Adam Vincent, CEO of cyber-security firm ThreatConnect, warned that increased digitalisation of UK factory process would require greater emphasis on protection.
“Digital transformation is increasingly visible on the factory floor, and IP-connected robots are increasingly replacing manned and manual workflows. That means that the average facility now has countless more potential access points for cyber-attacks – and a successful breach can halt production in its tracks for many hours, causing serious financial and reputational damage," he stated.
“This latest attack is proof that Britain’s manufacturing industry faces a serious challenge. Manufacturing is often targeted by both opportunist and targeted hackers, looking for an easy target or a specific set of intellectual property.”
Vincent added that, last year, it was reported that nearly half of UK manufacturers were hit by a cyber security incident.
He added: “Nevertheless, across the manufacturing sector, awareness of the cyber-security challenge and the implementation of appropriate preventive measures are highly varied. Manufacturers need to ensure that their cyber-security capabilities are not just an afterthought.”
We need to see an increase in intelligence-sharing between businesses so they can collectively combat the common cyber-enemy
Adam Vincent, CEO, ThreatConnect
Last year, Lord Harris of Haringey, advisor to the international Electric Infrastructure Security Council in Washington DC, briefed defence think-tank the Royal United Services Institute on the dangers posed to utilities via the electricity network.
Speaking exclusively to Process Engineering, Harris referenced the need for increased coordination between industry and government stating: “The smart grid both provides additional resilience but also opens up more opportunities for an adversary to attack and penetrate that grid.”
Vincent called for an increase in pooled information among UK companies following the Norsk incident.
“We need to see an increase in intelligence-sharing between businesses so they can collectively combat the common cyber-enemy. It’s essential that potential targets understand as much as they can about the threats they face. The more you know, the better you’ll be able to respond to a new threat.”
For an update on Hydro's operational status including UK holdings, see here.