Norway's Norsk Hydro, one of the world’s largest aluminum producers, suffered an "extensive cyber-attack" against its facilities around the world last night. The company said in a message to investors that "IT-systems in most business areas are impacted and Hydro is switching to manual operations as far as possible." According to Reuters, the Norwegian National Security Authority (NNSA) said the attack used a fairly new strain of ransomware called "LockerGoga." A spokesman for Hydro told the BBC that the company was able to continue production by reverting to manual methods, and that it has data backups to restore from as soon as the attack is neutralized. Currently, however, Hydro is still working with the NNSA to contain the attack and identify the extent of the damage. The company will hold a press conference shortly to share more information.
Palo Alto Networks' Unit 42 published a report yesterday on a new variant of the Mirai botnet malware. This version is using a total of 27 exploits, 11 of which are new. It's also targeting a wider range of devices, including WePresent WiPG-1000 Wireless Presentation systems and LG Supersign TVs. Since these devices are meant for use in business environments, the researchers believe this new strain indicates "a potential shift to using Mirai to target enterprises." Enterprises provide "a large attack surface" and "access to greater bandwidth," allowing for more powerful DDoS attacks.
Homeland Security Secretary Kirstjen Nielsen said yesterday that emerging cyber threats are her top concern for the coming year.