Hydro still working to restore operations after cyber attack

OSLO - Norsk Hydro, one of the world's largest aluminium producers, has made some progress in restoring operations but is not yet back to normal after a ransomware cyber attack, the company said in a statement on Wednesday.

After the attack began late on Monday, the company had to shut several metal extrusion and rolled products plants, which transform aluminium ingots into components for car makers, builders and other industries, while its smelters in Norway were largely operating on a manual basis.

"Hydro still does not have the full overview of the timeline towards normal operations, and it is still (too) early to estimate the exact operational and financial impact," the company said.

But Hydro said its technical team, working with external support, has detected the root cause of the problems and is currently working to restart the company's IT systems.

The Norwegian National Security Authority (NNSA), the state agency in charge of cybersecurity, said the attack used a virus known as LockerGoga, a relatively new strain of so-called ransomware which encrypts computer files and demands payment to unlock them.

(Reporting by Terje Solsvik, editing by Gwladys Fouche and Elaine Hardcastle) ((terje.solsvik@thomsonreuters.com; +47 918 666 70; Reuters Messaging: terje.solsvik.thomsonreuters.com@reuters.net))