Skip to main content

Ransomware Attack Caused Power Outages in the Biggest South African City

cyber attack cause power outage
Yesterday, some residents of Johannesburg, the largest city in South Africa, were left without electricity after the city's power company got attacked by a ransomware virus.

City Power, the company responsible for powering South Africa's financial capital Johannesburg, confirmed Thursday on Twitter that it had been hit by a Ransomware virus that had encrypted all of its databases, applications, and network.

The attack prevented prepaid customers from buying electricity units, upload invoices when making payments, or access the City Power's official website, eventually leaving them without power.

"Please note that the virus hit us early Thursday morning, compromising our database and other software, impacting most of our applications and networks," the city government said in a tweet.

 However, the company has also ensured its customers that none of their details were compromised in the cyber attack.

At the time of writing, the company confirmed they have restored electricity supply in many areas and also most of the critical applications, including the prepaid vending system responsible for enabling its customers to buy electricity.

However, customers seeking to access the City Power website to log faults are still not able to do so. They are requested to log calls by their mobile phones using citypower.mobi.

Depending on the type and severity of the cyberattack, it is believed that the complete clean up of the affected services and networks could take weeks.

Also, it could cost millions of dollars—just like the City of Baltimore recently spent $5,310,546 in hiring security consultant firms and upgrading its infrastructure following a ransomware attack that shut down the majority of its servers.

The city government did not provide any details on the type of ransomware virus that hit the power company, or if the company has a backup for critical files encrypted by the malware.

 "Customers should not panic as none of their details were compromised," the city government saidThursday afternoon. "We apologize for the inconvenience caused to the people of the City of Joburg. Please be patient with us, and we expect to have everything back in order by the end of Thursday."

Johannesburg is not the only one that was recently hit by a ransomware attack. A growing number of cities has targeted in the last few months with ransomware as cybercriminals aim municipalities around the world.

Last month, ransomware viruses hit two cities in Florida that made large ransom payments to gain back access to city files that were encrypted in the attacks—these cities include Riviera Beach City ($600,000) and Lake City ($500,000) in Florida.

However, federal authorities and cybersecurity experts have always advised victims not to pay ransoms since it encourages criminals, and also there's no guarantee of files or computer systems being completely restored.

Instead of paying the ransom, organizations and companies should consider having robust backups of their important and required files and data in place as well as educating their employees to avoid being a victim of such cyber attacks.

Comments

Post a Comment

Popular posts from this blog

Be fraud aware - What are phishing, smishing and vishing.

  You may have heard the terms phishing, smishing or vishing before, but what exactly do they mean? At their core, all three terms are a type of financial fraud which tricks unsuspecting victims into giving out sensitive personal information, handing over money or installing malware onto their device. The only difference between each term is the channel via which you can be targeted; phishing refers to scam emails, smishing refers to scam text or WhatsApp messages and vishing takes place over the phone. Phishing The most common phishing method encourages victims to visit a malicious website through a fake email message, which appears to be sent from a legitimate company or source (e.g. from a bank, HMRC, a delivery company or the NHS). For example, you might receive an email which appears to be from an organisation who you’re familiar with, asking you to click on a link. At this point you will be taken to a webpage on which you’re asked to submit sensitive data, such as passwords, ...
Post a Comment
Read more

How Cybersecurity Enables Government, Health, EduTech Cope With COVID-19

The advent of the Covid-19 pandemic and the impact on our society has resulted in many dramatic changes to how people are traveling, interacting with each other, and collaborating at work. There are several trends taking place as a consequence of the outbreak, which has only continued to heighten the need for the tightest possible cybersecurity. Tools for Collaboration There has been a massive spike in the adoption of Tools for Collaboration as a consequence of COVID-19. Concerns about the coronavirus have caused an enormous increase in remote working, with many organizations requiring or at least encouraging their workers to stay at home—especially when cities, states, and even some entire nations are ultimately into lock down in a bid to spread the stem of the disease. Meanwhile, with millions working from home for many weeks now, there has been a spike in the video conferencing and online collaboration software, many of which are fortunately entirely free, allowing organizations...
Post a Comment
Read more

March – Threat Intelligence Bulletin

Top Attacks and Breaches Global fear of the Corona virus epidemic continues to be exploited for malicious cyber operations. Check Point Research  reports  of thousands of newly registered coronavirus related domains, which are 50% more likely malicious than other domains. CPR also informed of a Trickbot campaign using a fake health warning document to target Italian users. Colorado based space and defense parts manufacturer, Visser Precision, has fallen victim to a DoppelPaymer  ransomware  Information stolen from Visser and its customers, including Tesla, Lockheed Martin, SpaceX and Boeing, has been published online in  another  attempt to extort ransom payment. An unidentified demographic and financial information database, hosted on Google cloud, has been left  unsecured  for more than a month. Containing over 200 million records, the exposed information included name, address, email address, credit rating, income, net worth property ...
Post a Comment
Read more