On March 19, 2019, Norsk Hydro, one of the world’s largest aluminum producers, experienced a massive ransomware attack that disrupted operations across 170 sites and forced the shutdown of 22,000 computers. The financial impact reached approximately $70 million, making it one of the most significant industrial cyber incidents in recent history.

The attack, attributed to the FIN6 cybercriminal group, was carried out using stolen credentials, weak remote access points, and insufficient network segmentation. Rather than exploiting an advanced vulnerability, the attackers relied on common weaknesses that exist in many organizations today. This incident highlights a critical reality: traditional defenses such as firewalls are not enough to stop persistent, credential-driven threats.

This video examines how the breach unfolded, why conventional security measures failed, and what it reveals about the growing risks facing operational technology environments. It also explores how a different approach to security could have stopped the attack before it began.

BlastWave’s model combines network cloaking, passwordless multi-factor authentication, and microsegmentation to make networks invisible to attackers, render stolen credentials ineffective, and prevent lateral movement. By eliminating visibility and access, it removes the pathways attackers depend on.

Learn how this approach could have prevented the Norsk Hydro attack and dozens of similar incidents covered in Hackopedia Volume 1, available now.