City Power Hit by Ransomware Attack

July 29, 2019

City Power, who is responsible for providing power to Johannesburg, South Africa, said on Thursday it had been hit by a ransomware virus that had encrypted all of its databases, applications and network.

City Power said its website was down and that customers would struggle to access a number of services, such as buying electricity, uploading invoices and access to the website. It also could affect its response to some outages as the system to order and dispatch was affected.

“City Power has been hit by a virus which has led to a black out to it's IT systems. We apologise to our customers in the @CityofJoburgZA,” City Power said in a tweet.

The city of Johannesburg said in a tweet, "Customers should not panic as none of their details were compromised."

Matt Walmsley, EMEA Director at Vectra, says, “We’re seeing ransomware becoming a far more focused tactic where cybercriminals take time to profile and target organizations who they believe will have a higher likelihood of paying a meaningful level of ransom. The broad scope of disruption to City Power’s databases and other software, impacting most of their applications and networks suggest that the ransomware was able to very quickly propagate internally without impediment. The disruption to their services, as well as consumer backlash, will further compound the pressure on City Power’s IT and security teams to rapidly restore systems to a known good condition from back-ups, or chance of paying the ransom. 

To have a fighting chance, cybersecurity teams need to be able to rapidly detect and respond to pre-cursor ransomware actions such as host and file store reconnaissance behaviors and command and control signals that are a pre-cursor to the file encryption activities. As the response time available before encryption occurs can be very short, these are tasks that increasingly need to be automated by augmenting people and processes with AI systems that can work at a scale and speed humans alone simply couldn’t match. In ransomware attacks, time is the most precious resource for security teams.”

Terence Jackson, Chief Information Security Officer at Thycotic, says, “It appears that in similar fashion to the attacks that have been plaguing US cities and states, Johannesburg’s Power Body operations have been severely degraded by this attack. There hasn’t been any mention of the ransom request, but due to the severity of this attack, I’m sure it will be a hefty one. It will also be interesting to see if the Power Body has properly backed up its data.”

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.

How can security leaders charged with investigations handle the management of interviewers and interrogators, as well as handle interviewing, including dealing with false confessions and misleading information?

Poll

Recruiting Diverse Candidates

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

City Power Hit by Ransomware Attack

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

City Power Hit by Ransomware Attack

Related Articles

Related Events

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.