How a ransomware attack cost one firm £45m

Back to Spotlight

The story of Norsk Hydro’s ransomware attack illustrates what a devastating cyber crisis can look like. The company has been fairly public in its response, allowing other companies to learn from Hydro’s experience. In the security community, the story of Hydro is seen as a case in point of how to respond to a serious attack. 

There are many reasons why.

Norsk Hydro’s leadership team never paid off the hackers, even as production lines switched to manual functions or ground to a complete halt. They remained open and transparent with their employees, customers, and the wider public throughout the crisis, while rebuilding its systems from scratch. Although the attack ultimately cost more than £45m, the CIO at the time (Jo De Vliegher, today a Client Partner at ISTARI) remains steadfast on it being the right decision for Norsk Hydro.

Why does this matter for businesses? 

• Ransomware is even more prolific today than in 2019 when Norsk Hydro faced the attack. Organisations of all shapes and sizes should know, practise and revise their incident response plans for when - not if - their systems are held at ransom. 
• Sometimes it is hard for companies to really imagine what a cyber crisis looks like, and how crippling it can be. The case study of Norsk Hydro fills that imagination gap.
• The case of Norsk Hydro also shows that preparing for cyber crises isn’t just about technical defences – it’s a matter of collective responsibility and leadership.
• Norsk Hydro's staff had to use paper-based workarounds to remain resilient in the face of the crisis. Is your company able to?

Read the full article here