Ransomware attack cripples Johannesburg power supplier
Friday, July 26, 2019
ImmuniWeb founder and CEO Ilia Kolochenko warned that similar incidents will continue to happen.
"Cities, and especially their infrastructure sites, are usually a low-hanging fruit for unscrupulous cyber- gangs. These victims will almost inevitably pay the ransom as all other avenues are either unreliable or too expensive," he said.
The time window and specific range in the Johannesburg attack is worth noting, said Vectra director Matt Walmsley.
"We’re seeing ransomware becoming a far more focused tactic where cyber-criminals take time to profile and target organisations who they believe will have a higher likelihood of paying a meaningful level of ransom. The disruption to their services and consumer backlash will further compound the pressure on City Power’s IT and security teams to rapidly restore systems to a known good condition from back-ups, or chance of paying the ransom," he said.
Crypto currencies make such crimes technically un-investigatable in most cases, said Kolochenko.
"Law enforcement agencies are already overburdened with an increasingly growing pipeline of sophisticated investigations, often aggravated by continuous lack of financing and unfriendly colleagues from foreign jurisdictions. Unless governments develop, finance and duly enforce security regulations purported to safeguard cities and municipalities, we will soon dive into a darkness, facing grave accidents involving airports and other objects of critical infrastructure," he added. Read Full Article
Help Net Security: Ransomware attack leaves Johannesburg residents without electricity
Infosecurity Magazine: Louisiana Governor Declares Emergency After Ransomware Blitz