According to the Onslow Water and Sewer Authority (aka ONWASA) some internal systems were infected with the Emotet malware, but the regular water service was not impacted.
According to ONWASA, the infections would require several of the main databases to be completely recreated, fortunately, no customer information was compromised.
“We are in the middle of another disaster following Hurricane Florence and tropical storm Michael,” CEO Jeff Hudson said employees in a video posted on Facebook,
“With a very sophisticated attack they penetrated our defenses, just as they penetrated the city of Atlanta and Mecklenburg county.”
ONWASA CEO Jeffrey Hudson confirmed the ransomware attack began on October 4, the IT staff initially thought to have locked out the threat, however, on October 13 the malware started dropping the Ryuk ransomware into the infected systems.
“An ONWASA IT staff member was working was working at 3am and saw the attack,” ONWASA said.
“IT staff took immediate action to protect system resources by disconecting ONWASA from the internet, but the crypto-virus spread quickly along the network encrypting databases and files.”
Operators at the utility did not pay the ransom and opted out to recreate the infected systems.
“Ransom monies would be used to fund criminal, and perhaps terrorist activities in other countries,” ONWASA reasoned. “Furthermore, there is no expectation that payment of a ransom would forestall repeat attacks.”
The incident response had a significant impact on the operations of the utility in a critical moment, the aftermath of the Hurricane Florence.
ONWASA estimates it will take several weeks to rebuild all of the damaged systems, it will not possible for customers to pay the bill online and major delays will affect the service provided by the utility.
The effects of the Hurricane Florence on the Onslow county were important, schools are still closed and local authorities are still working to clean up debris from the massive storm. It has been estimated that costs to restore the ordinary situation will hit $125m.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – Hurricane Florence, ransomware)
[adrotate banner=”5″]
[adrotate banner=”13″]
Fintech firm Figure confirmed a data breach after hackers used social engineering to trick an…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BeyondTrust RS and…
A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups, with CANFAIL…
A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial…
Attackers quickly targeted BeyondTrust flaw CVE-2026-1731 after a PoC was released, enabling unauthenticated remote code…
Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations.…
This website uses cookies.
