Hydro switched over to manual operations for its most critical systems, relying on pen and paper and faxes to track its manufacturing and finances. Printed order forms, sticky notes on doors and blank computer screens, hours of manual labor and bookkeeping, helped keep the most essential orders fulfilled until computer access could be restored—partially—for mission-critical work.
海德鲁公司将其最关键的系统改为手工操作,依靠纸笔和传真来跟踪其生产和财务状况。通过打印的订单表格、贴在门上的便利贴、空白的电脑屏幕、数小时的手工劳动和簿记完成了最重要的订单,直到计算机恢复部分访问以完成关键任务。
Manual production is by no means an optimal solution, but it is better than a full shutdown of production facilities. Still, the incident cost Hydro an estimated $70 million, according to its 2019 fourth-quarter earnings report.
人工作业绝不是最优解决方案,但总比完全关闭生产设施要好。尽管如此,根据海德鲁2019年第四季度的收益报告,此次事故造成的损失估计为7000万美元。
To combat the attackers, meanwhile, Hydro CIO Jo De Vliegher, along with agencies including Microsoft's cybersecurity response team and the Norwegian National Cyber Security Centre, set up teams to investigate the virus corruption and rebuild the network. That meant inspecting the accounts of more than 30,000 employees and even more service accounts. Essential systems, like manufacturing-specific software, had to be rebuilt over the course of about three weeks. Restarting other systems, including the company's user directory, took as long as three months.
与此同时,为了打击攻击者,海德鲁公司的首席信息官乔·德·德维利格与微软的网络安全响应团队,以及挪威国家网络安全中心等机构一起成立了团队,调查病毒破坏并重建网络。这意味着要检查3万多名员工的账户,甚至更多的服务账户。基本的系统,比如特定于生产的软件,必须在大约三周的时间内重建。重启其他系统,包括该公司的用户目录,需要长达3个月的时间。
Rob Lee, CEO of cybersecurity firm Dragos, praised Hydro's handling of the situation: "It was just extraordinarily transparent. If you're impacting the public or the supply chain, it helps quell a lot of concerns and it's just really a good practice." Still, with the risk to the actual hackers being minimal—no one was arrested for the Hydro attack—and ransom payouts rising, it's a constant effort to stay ahead.
网络安全公司Dragos的首席执行官罗伯·李赞扬了海德鲁公司对这一情况的处理:“非常透明。如果影响了公众或供应链,这种做法有助于消除很多担忧,真的处理得很好。”然而,黑客真正面临的风险微乎其微——没有人因海德鲁公司攻击事件而被捕——而且赎金支付也在上升,因此要保持领先地位需要不断努力。
"If a competent hacker really wants to get into a company, they will succeed no matter what," says De Vliegher. "We need to be perfect all the time. They just need to be lucky once, and sooner or later they might be lucky again."
德维利格表示:“如果一个有能力的黑客真的想进入一家公司,不管怎么样他们都会成功。我们需要时刻保持完美。他们只需要一次好运,迟早他们还会再幸运一次。”
译文由可可原创,仅供学习交流使用,未经许可请勿转载。