By Isaac Singer '21On Tuesday, Norwegian aluminum manufacturing giant Norsk Hydro suffered a cyber security breach, which the company proclaimed to be “quite severe”. The attack has caused plants across Europe and North America to shut down, and has left many others running off-line. While the perpetrators remain unidentified, the attack has been confirmed to be a type of ransomware, a tactic where hackers encrypt data and hijack computers until a certain ransom is paid.There have been speculations that the hack may have been spearheaded by environmental activists in response to the company’s negligence in operating the Alunorte plant in Brazil. Brazilian authorities state that Norsk Hydro’s mining operations caused contamination in the Para River, causing the plant to be shut down in October. Coincidentally, less than 24 hours before the ransomware attack hit Norsk Hydro, the company announced the appointment of Hilde Merete Aasheim as chief executive officer effective May 8. While Aasheim has made public her intentions of resuming plant operations at Alunorte, she emphasized the importance of improving the plant’s filters and increasing its water treatment capacity to ensure socially responsible operations moving forward.Although it seems plausible that these hackers were environmentally conscious ‘Hacktivists’--a term coined to describe cyber attackers driven by a political/ideological agenda-- it is highly unlikely given the timeline in which the events unfolded. It takes months to effectively plan and execute a cyber attack of this magnitude, so there is no way the attack could have been in response to the appointment of Aasheim or her agenda. Additionally, the hackers did not make it clear to Hydro that they had any ulterior motives aside from the money they demanded. If they were looking to effect change in the operational nature of the company, it would make sense for them to say so.According to Reuters, the breach has caused Norsk Hydro’s shares to drop nearly 3 percent, which helps explain the global rise in aluminum prices of over one percent (since Norsk Hydro is the second largest aluminum manufacturer in the world). Given the immense utility of aluminum and a commodity’s effect on the supply chain at large, this attack will have global implications. Security breaches are nothing new. In 2017, the WannaCry cyber-attack reached 200,000 computers worldwide demanding 300 bitcoins to not destroy victims’ data. In 2018, two Iranians launched a ransomware attack in Atlanta, resulting in millions of dollars of losses. Despite companies having cyber security and encrypted servers, the risk of hackers gaining access to secure data remains intact. Unfortunately, as an increasing number of companies work towards IT/OT convergence, especially in the manufacturing sector where OT is most prevalent, there will likely be an increase in cyber security attacks. Linking Operational Technology to Information Technology systems is especially risky because OT systems were not designed to connect to IT and therefore do not contain the proper securities built in. There will be more ways for hackers to breach security walls and enter integrated technology systems, presenting a massive threat to the manufacturing industry in the years to come. Sources:https://www.bloomberg.com/news/articles/2019-03-19/norsk-hydro-ransomware-attack-is-severe-but-all-too-commonhttps://www.bloomberg.com/news/articles/2019-03-19/hydro-says-victim-of-extensive-cyber-attack-impacting-operations-jtfgz6tdhttps://www.computing.co.uk/ctg/news/3072839/norsk-recovers-some-systems-following-confirmed-ransomware-breachhttps://www.computing.co.uk/ctg/news/3072791/norsk-hydro-production-affected-by-cyber-attack-on-us-and-european-operationshttps://www.computerweekly.com/news/252459707/Norsk-Hydro-confirms-ransomware-attack