Cyber-attacks against industrial systems are an increasing concern, and the Norwegian aluminum giant Norsk Hydro on Tuesday provided a new and worrying example of the phenomenon.
An “extensive cyber-attack” struck the company early in the day, European time, and it has been forced to switch to manual operations “as far as possible,” Hydro said in a statement. It added that “IT systems in most business areas are impacted” but that it did not yet know the full extent of the situation.
Fortune has asked for clarification on whether the attack targeted Hydro’s industrial control systems, but had not received a response at the time of writing.
Norwegian state security told Reuters it was helping Hydro with the situation and liaising with other sectors and international agencies. The news agency reported that Hydro’s smelters in Norway, Qatar and Brazil were all on manual operation.
Hydro told the BBC that the automated systems it had to disable were designed to ensure the efficient functioning of the smelters’ machinery.
The company has recently been in the spotlight over its Alunorte alumina refinery in Brazil, where Hydro admitted discharging untreated water during heavy rains.
Hydro’s shares were down around 1% at the time of writing, though in early trading they had fallen as much as 3.4%. The attack came just hours after CEO Svein Brandtzæg announced the company would be getting its first female CEO, Hilde Aasheim.
According to recent research by cybersecurity firm Kaspersky Lab, more than two in five industrial control systems came under some form of cyber-attack in the first half of last year, with the main infection vector being connections to the Internet.
It was not so long ago that such attacks were rare. In a particularly severe case several years ago, an attack on a German steel mill caused “massive” physical damage to the plant’s furnaces.