Norsk Hydro receives first cyber insurance payout of $3.6 million for breach-related losses

The amount represents just six per cent of the total costs resulting from the cyber attack

Norsk Hydro, the aluminium manufacturing firm that suffered an extensive cyber attack in March, claimed approximately $3.6 million from its insurers in the third quarter of 2019.

The pay-out represents just six per cent of the total $60 million to $71 million in costs (in the third quarter) resulting from the breach. The company said it expects more compensation to come as more costs are totalled in coming months.

"Hydro has a robust cyber insurance in place with recognised insurers," the company stated in its Q3 results release.

Norsk Hydro is based in Norway, with a presence in around 40 countries. It specialises in producing alumina and bauxite, rolled and extruded aluminium products, various forms of primary metal and hydroelectric power. The firm employs more than 35,000 people worldwide.

In March, the company announced that it had been affected by a massive ransomware attack, starting in its US facilities and later spreading to other locations. Security teams detected abnormal activity on its systems that disabled part of its smelting operations on 19^th March.

After the attack was confirmed, management decided to isolate all plants and operations. Many plants were switched to manual procedures and operations to check the spread of the virus. Later, the company moved to relying on legacy technology like fax machines.

An initial investigation revealed that hackers used a strain of the LockerGoga ransomware to compromise the systems of Norsk Hydro. LockerGoga can encrypt files with extensions such as .doc, .docx, .xlsx, .ppt and .pdf.

The company did not pay the ransom demand and instead chose to restore its systems from backups.

The Extruded Solutions business suffered the most significant financial losses due to the attack, the company said.

Initially, the breach was thought to cost around $40 million, but the figure increased to $52 million in May and to $69 million in June.

The new calculations in July suggested that the attack could have had a financial impact of up to $75 million in the first half of 2019.

The latest announcement from Norsk Hydro reveals that the estimated financial impact of the breach in the first half of the year remains unchanged, with "limited" financial impact on Q3.