Norwegian aluminum giant Norsk Hydro recently published its financial results for the third quarter of 2019 and revealed that it received its first insurance payout related to the cyberattack that hit the company in March.
The company estimates that the financial impact of the ransomware attack in the first half of 2019 ranges between $60 million and $70 million (550 to 650 million Norwegian crowns), which is similar to previous estimates.
The company’s Extruded Solutions division suffered the most, both in terms of operations and financial losses.
In its latest financial report, the company revealed that the incident is expected to have limited financial effects in the third quarter. This past quarter, the company received its first insurance compensation following the attack: $3.6 million (33 million Norwegian crowns), which represents only a fraction of the total losses.
Norsk Hydro has reiterated that it has “robust cyber insurance in place with recognized insurers” and it expects to receive more money. It remains to be seen exactly how much insurers will pay in total.
“Cyber insurance is still a nascent market and every policy aspect is being tested (coverage definition, premiums, limits and sublimits, and more) as more enterprises adopt insurance to help mitigate incident-related losses,” Trent Cooksley, COO at cyber insurance firm Cowbell Cyber, told SecurityWeek.
“Silent cyber and coverage obtained as an endorsement to a general commercial liability policy or E&O is often not enough. There are unarguable benefits to policyholders and insurance providers to evolve to a model where enterprises can subscribe to a ‘true’ cyber liability policy. Cyber risks should be measured on a continuous basis, and coverage defined at a more granular level, in order to close today’s insurability gaps,” Cooksley added.
The security incident at Norsk Hydro involved a piece of file-encrypting ransomware known as LockerGoga. The attack caused disruptions at several plants and forced workers to rely on manual processes, but the company refused to pay the ransom demanded by the hackers and instead relied on backups to restore systems.