Skip to main content
AKVA chief executive Knut Nesse said the company had received a ransom demand to regain control of their computer system.
AKVA chief executive Knut Nesse said the company had received a ransom demand to regain control of their computer system.

Aquaculture supplier AKVA group has received a ransom demand from hackers who launched a cyber attack on the company yesterday, chief executive Knut Nesse has told Norwegian media.

Several important systems are currently down, the company has said.

AKVA does not yet know the full extent of the situation, and it is too early to indicate the operational and financial impact, as well as how long the problems will take to resolve.

Similar attacks

Eldar Lorentzen Lillevik, a partner in PWC and one of the leaders of the audit and consulting company’s department for cyber security, told Fish Farming Expert’s Norwegian sister site, Kyst.no, said similar attacks have occurred before, such as when one of AKVA’s competitors, Steinsvik (Scale AQ) was hit before Easter last year by a ransomware virus. 

“It may be a similar attack now,” said Lillevik.

Kyst.no has so far not been able to speak to Nesse, who is busy in meetings related to the situation. However, he has confirmed to Stavanger Aftenblad / E24 that AKVA has received a ransom demand.

He does not want to say anything about how much money is involved but points out that the case is now with Kripos, Norway’s National Criminal Investigation Service that tackles organised and serious crime.

According to Nesse, it is not known who is behind the attack.

A known virus

Asle Rønning, the managing director of fish farmer Måsøval, told news site Dagens Naeringsliv that the company was not currently accessing the portal to AKVA group, where several core systems such as finance and the Fishtalk software are located.

After Østre Toten municipality was hit by a ransomware virus before the weekend, Norway’s National Security Authority, whose remit includes cyber security, issued a warning that the ransomware virus was in circulation.

The ransomware virus used in the attack on the local authority is known as “Mespinoza / Pysa” and similar attacks are known against local authorities in France and elsewhere.