Norwegian recycling and mining multinational Tomra has revealed that an “extensive” cyber-attack has directly affected some of its “data systems.”
The firm discovered the breach on the morning of July 16, it said in a short statement.
“We immediately disconnected some systems to contain the attack, and Tomra is currently assessing whether customers and employees might experience reduced stability in our services. Our primary focus now is to get all systems up and running again as fast as possible,” it continued.
“Tomra will remain transparent with all stakeholders, and we will continue to provide updates when we have confirmed information to share.”
The firm added that it had already notified the relevant authorities and mobilized all resources to “contain and neutralize the incident.”
Read more on attacks on Norwegian firms: Norsk Hydro Admits Ransomware Costs May Have Hit $41m.
An update yesterday claimed the attack has had a “limited impact” on customer operations.
“Most of Tomra’s digital services are designed to operate offline for a certain amount of time but may have reduced functionality in the interim,” it noted. “A team is working to establish temporary solutions for all digital systems to support keeping costumer solutions operational over time.”
To that end, the firm’s food and recycling businesses are operating ‘as usual,’ but with limited functionality due to digital services being offline, it said.
Its reverse vending machines (RVMs) are working online in Australia and North America, while most continue to function offline in Europe and Asia.
However Tomra’s internal IT and back office apps are offline, impacting supply chain management.
“Major office locations are offline, and employees are asked to work remotely,” it added.
The Asker-headquartered firm announced record quarterly revenues in Q4 2022 of over $345m.
Rob Bolton, VP EMEA at Versa Networks, argued that service disruption is a popular tactic for extorting money from critical infrastructure and supply chain organizations.
“One positive that can be taken out of the attack on Tomra is the quick response time to stop the attack and mitigate its impacts,” he added.
“Every organization should have measures and controls in place to contain cyber-attacks as soon as they are identified. Network segmentation, as an example, allows security teams to rapidly locate malware, limit its movement, and ultimately reduce the potential impact of an attack.”