The computer network of a water and electricity supplier in
the State of Michigan in the United States was taken down for a week
following a cyber attack.
A hacker whose identity remains unknown infected the computer
networks of the Lansing Board of Water & Light (BWL) using malware
whose technical specifications have not been disclosed.
On the morning of April 25, BWL detected the malware and immediately shut down its computer networks in order to prevent it from spreading. The program appears to be ransomware: malicious software that encrypts a victim's data and then demands a ransom in exchange for the decryption key. Electricity and water distribution networks were in fact spared in the attack.
A simple phishing email caused the outage
BWL had to shut down its servers, including its telephone system, for a
week. The company has given assurances that this shutdown of its computer
networks will only result in a delay in billing for its customers. Since
credit card data is processed by an external company, this data is
safe.
The company refused to provide more detail about the hackers’ demands
and how it has secured its computer network. Lacking further
information, it would appear that BWL was swept up in a massive and
indiscriminate infection campaign. The company acknowledged that an
employee inadvertently opened an infected attachment in an email. It is
very likely that this email was sent to thousands of potential victims.
Ransomware attacks rapidly increasing according to the FBI
This attack comes amid increasing ransomware attacks against public institutions, in particular in February against the California-based Hollywood Presbyterian Hospital.
This proliferation of attacks prompted the FBI to issue a report on
April 29 stressing the need for all public and private organizations to
protect themselves against this risk. The FBI called in particular for
increasing staff awareness and having business continuity plans in place
as soon as possible (regular backup procedures for data on servers that
are not connected to the computers to be protected) to respond to
attacks that will increase in 2016.