Norwegian Energy Company Investigating Cyberattack at Brazil Subsidiary

February 15, 2023

Norwegian energy services company Aker Solutions said a subsidiary company in Brazil has been subjected to a cyber attack on its IT systems.Aker Solutions said it does not yet know the full extent of the situation, and that a dialogue is being established with the authorities in Brazil about the incident.

In addition, its global IT organisation is working to resolve the situation with external expertise. “The attack is currently directed at CSE, and the attackers claim that they have entered the IT systems, encrypted digital files and locked access to data,” said the company, led by chief executive Kjetel Digre.

CSE is a fully-owned Aker Solutions subsidiary with 450 employees in Brazil. Its main business is providing maintenance and modifications services to oil and gas installations offshore Brazil.

read more

Recycling, Mining Provider, Tomra, Hit in ‘Extensive’ Attack

July 16, 2023

Norwegian recycling and mining corporation Tomra suffered an “extensive cyberattack” Sunday which affected some of its data systems, company officials said.
“Tomra has been targeted by an extensive cyberattack directly affecting some of the company’s data systems,” the company said in a statement. “Relevant authorities have been informed, and all available internal and external resources have been mobilized to contain and neutralize the incident.
“The attack was discovered in the morning of July 16th (CET), and immediate actions were taken to stop it and mitigate consequences. We immediately disconnected some systems to contain the attack, and Tomra is currently assessing whether customers and employees might experience reduced stability in our services. Our primary focus now is to get all systems up and running again as fast as possible.”

read more

Cyberattack takes DNV’s Maritime Vessel and Fleet Management Software Offline.

January 7, 2023

DNV confirms it has taken its ShipManager software product offline after the services’ IT servers had been the victim of a cyberattack. DNV reports that it has advised customers. In response to the incident the company shut down ShipManager’s IT servers.

ShipManager is a software solution used by shipping companies to oversee the technical, operational, and compliance aspects involved in vessel and fleet management.

UPDATE: Approximately 1.000 ships of 70 maritime operators were affected by a ransomware
attack reports the Computer Emergency Response Team for the EU institutions.

read more

Norway Media Company, Amedia, Hit in Cyberattack

December 28, 2021

Amedia, the largest local news publisher in Norway, said December 28 several of its central computer systems were shut down in what it is calling an apparent “serious” cyberattack.
The attack is preventing the company from printing the next day’s edition of the newspapers, and presses were halted until the issue was resolved. The hack impacted the company’s advertising and subscription systems, preventing advertisers from purchasing new ads and stopping subscribers from ordering or canceling subscriptions.
The company said it is unclear whether personal information has been compromised—the subscription system affected by the attack contains names, addresses, phone numbers, and subscription history of customers. Data such as passwords, read history, and financial information are not affected, the company said.

read more

Norwegian Food Producer Hit in Cyberattack

December 21, 2021

Nortura has been the victim of a computer attack. We have therefore decided to shut down our IT systems and remove Internet access at our locations to minimize possible damage to systems and operations.
The result is the activity at several factories and expeditions has been reduced until further notice.
We are now working to get a complete overview of the situation and the extent, as well as make plans to deal with the consequences of the situation that has arisen. The priority is securing data and stabilizing the systems.

read more

Virus/Worm Infects New Oil Platform

January 1, 2003

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

read more

Fresenius Kabi Computer Virus

May 6, 2020

A computer virus infected at least one of its businesses’ IT systems. The corporation said the security incident had hampered some production in its pharmaceutical business, which makes everything from nutritional products and infusion therapies to pain relievers that are in high demand during the coronavirus pandemic

read more

Norsk Hydro Production lines stopped

May 18, 2019

Production lines had stopped at some of its 170 plants.

The ransomware LockerGoga blocked the company’s systems, forcing a switch to manual operations and workarounds. The Extruded Solutions unit, which makes components for car manufacturing, construction and other industries, reduced its output by 50%. Administrative systems, such as reporting, billing and invoicing, suffered delays. It took Norsk Hydro several weeks to bring operations back to normal.

read more