Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
IT

Ransomware Incident Leaves Some Johannesburg Residents Without Electricity (zdnet.com) 67

Posted by msmash from the growing-incidents dept.
A ransomware infection at an electricity provider in the city of Johannesburg, South Africa's biggest city and financial capital, has left some of its residents without power. From a report: The ransomware infection impacted City Power -- a provider of pre-paid electric power for Johannesburg residents and local companies. The malware encrypted the company's database, internal network, web apps, and official website.
This discussion has been archived. No new comments can be posted.

Ransomware Incident Leaves Some Johannesburg Residents Without Electricity More

Ransomware Incident Leaves Some Johannesburg Residents Without Electricity

Comments Filter:

  • Email hygiene (Score:3)

    by Sir_Eptishous ( 873977 ) on Thursday July 25, 2019 @10:33AM (#58985044)
    No more html enabled email, and strip attachments and links.

    • Re:Email hygiene (Score:5, Insightful)

      by JaredOfEuropa ( 526365 ) on Thursday July 25, 2019 @10:52AM (#58985146) Journal
      Nope. The right question to ask the head of IT is: "What do you do if all your shit gets encrypted by ransomware?". "How will you recover", not "How will you prevent this?" Because you won't...

      • Nope. The right question to ask the head of IT is: "What do you do if all your shit gets encrypted by ransomware?". "How will you recover", not "How will you prevent this?" Because you won't...

        Right, backups, we get it. User permissions, firewalled vlans, etc; DNS forwarding to block connections to known bad domains, etc;
        This isn't a new phenomena.

        The thing that amazes me though is that still in this day and age we leave email as open as it is to this attack.

      • Comment removed based on user account deletion
      • Not having backups is like putting all your money in your mattress. When someone steals it or your house burns down, you are SOL.
    • No more internet connection for any core systems,wired lan only if necessary and hardware switches only.Problem solved,atleast of these type.

  • Not very clever ...

  • Not familiar with the power market in South Africa. Is the "residents without power" because the e-commerce bits to buy/sell power units were impacted by the infection thus causing the power loss because the customer could not purchase power units?

    • Re: (Score:2)

      by Viol8 ( 599362 )

      Seems that way. But it doesn't matter which department fucked up - any critical public utility should have military grade security around its systems. Clearly the people running this one didn't get the memo.

    • Re: (Score:2)

      by tlhIngan ( 30335 )

      Not familiar with the power market in South Africa. Is the "residents without power" because the e-commerce bits to buy/sell power units were impacted by the infection thus causing the power loss because the customer could not purchase power units?

      I think it's more simply stated - some people prepay for power, like you prepay for a phone. So you put $5 in your account, and when you use $5 worth of electricity, it gets cut off. Or some do it with time as well - you pay $5 to get power for a week.

      The problem

  • Just restore offline backups (Score:1)

    by Anonymous Coward

    Should be back up and running quickly

  • Didn't Venezula just claim the same thing?

    • Re: (Score:3)

      by Mashiki ( 184564 )

      No they claimed that it was an EMP. In this case, I can easily see it. Over here in Canada, there were power providers that offered the similar service back ~20 years ago. It was mainly used by PUC's that operated in areas where there was a history of repeated missed payments. These type of systems had to call in to the local PUC in order to process the payments, if they couldn't call in you couldn't get your electricity.

    • We, as those who are here in South Africa, believe it because we can see there is no general blackout and those on billed connections still have power, and those on prepaid with sufficient credit on the meter still have power.

      The worst thing is it happened just before the general monthly payday, so people on tight budgets with few credits left are screwed even though they now have the money to pay for the next month.

  • IMHO the potential risk / damage of increasing ransomware and cyber terrorism greatly exceeds that of things like child porn and drug trafficking. I'd like to see international law enforcement divert resources to this problem before it gets too large.

    We don't expect individuals to build unbreachable physical barriers around their homes and businesses, instead we rely on law enforcement stopping most break-ins / thefts. We should expect the same for cyber threats. One of the features of an advanced society

    • Re: (Score:1)

      by Anonymous Coward

      We don't expect individuals to build unbreachable physical barriers around their homes and businesses, instead we rely on law enforcement stopping most break-ins / thefts.

      Law enforcement rarely stops most or even some break-ins or thefts. They tend to act after-the-fact, more like janitors who deal with cleanup after a spill, and occasionally they get their man. If you believe you are protected, that is an illusion.
      Many businesses don't just rely on law enforcement; they have better security than homes, like antitheft/antivandal glass, alarm systems, shuttered or barred windows, bollards to prevent a vehicle from ramming down the doors, things like that. Some businesses even

      • That's why I think that national intelligence agencies should be primarily responsible for finding and nullifying ransomware agents. Classify it as an act of war and punish accordingly.

    • One of the features of an advanced society is that it doesn't require individuals to defend themselves from attacks.

      And one of the features of advanced individuals is that they prepare for unexpected eventualities. Maybe we should promote both. Security is good for lots of reasons. We're not talking about houses where you'd have to armor and guard everyone's domicile, we're talking about software which is written once, and distribute to many people at little cost. It's reasonable to protect people in both ways.

  • should never be connected to the internet in any form,and this is why.

  • How long until a disaster happens? (Score:4, Insightful)

    by xack ( 5304745 ) on Thursday July 25, 2019 @11:20AM (#58985288)
    One day a critical piece of infrastructure will get ransomwared and people will be killed. And yes thanks to the internet of things there is a lot of unsecured things connected to the internet waiting to be exploited.

    • One day a critical piece of infrastructure will get ransomwared and people will be killed.

      Power is critical for people who need a CPAP, or an oxygen generator. An unfortunate number of those people seem to not have battery backup, but even the people who do have portable battery-operated units still need to recharge them.

  • How many f*kg headlines do there have to be before admins LEARN that they need to have (tested!) Disaster Recovery plans in place for things like this??

  • Easy to be smug (Score:4, Interesting)

    by Billy the Mountain ( 225541 ) on Thursday July 25, 2019 @12:45PM (#58985664) Journal
    It's easy to say "Should'a had backups!" But what if the backups don't help? What if the malware is already on all of the backups?

    • With all the power of the NSA/CIA/etc have demanded, why are they powerless to find those responsible and bring them to some sort of justice?

      A few jerk hackers being dragged/renditioned into the city square would probably do more to curtail this crap than a million calls for better backups and more care with your emails.

    • Re: (Score:1)

      by gregsv ( 631463 )

      Then you're doing backups wrong. Seriously, if you can't find one good copy of data to restore for a fairly fast-acting threat like ransomware, then there's some parameter of your backup policies that needs to be drastically readjusted. I could maybe see something like that for an advanced infection with a long fuse timer or something, but that's not what we're talking about here. And even in that case, you should at least be able to get your critical data out of the backups, even if you have to nuke the

  • How much longer before we're reading news stories about deaths resulting from ransomware?

Slashdot Top Deals

A good supervisor can step on your toes without messing up your shine.

Close