Operations at the American chemical firms Hexion and Momentive were disrupted March 12th when company computer systems were locked up by LockerGoga ransomware, Motherboard reports.
LockerGoga is the same ransomware experts believe was used to cripple operations at American and European aluminum smelters run by Norwegian company Norsk Hydro earlier this month.
During the course of the attack on Norsk, pots of molten aluminum, which must be kept running 24-hours-a-day, were switched to manual mode. It is not publicly known whether this was just a side effect of the attack.
The attack on Hexion and Momentive, makers of resins, silicones, and other substances, has reportedly forced the company to purchase “hundreds of new computers.”
Motherboard says it obtained an internal email sent around Momentive by company CEO Jack Boss in which he says the company had to call in “SWAT Teams” to manage a “global IT outage.”
A current employee at Momentive told Motherboard that, on the day of the attack, certain computers displayed “blue screen errors” stating their files had been encrypted.
Thereafter, said the employee, “everything (went down). Still no network connection, email, nothing…”
In his email to Momentive, Boss reportedly said that data on affected computers was likely lost.
The same letter says that certain employees that lost access to their email accounts are being given new accounts that will be run through a slightly different domain.
Prior to the attack on Momentive and Hexion, says Motherboard, only two other LockerGoga attacks were publicly known: the attack on Norsk Hydro and another on French engineering firm Altran.
A spokesperson at cybersecurity firm Kaspersky Lab, however, told the outlet that other LockerGoga attacks have occurred across the globe.
The Norse Hydro, Altran, Momentive and Hexion attacks all reportedly involved demands that a ransom be paid in Bitcoins in order to unlock data.