According to the Onslow Water and Sewer Authority (aka ONWASA) some internal systems were infected with the Emotet malware, but the regular water service was not impacted.
According to ONWASA, the infections would require several of the main databases to be completely recreated, fortunately, no customer information was compromised.
“We are in the middle of another disaster following Hurricane Florence and tropical storm Michael,” CEO Jeff Hudson said employees in a video posted on Facebook,
“With a very sophisticated attack they penetrated our defenses, just as they penetrated the city of Atlanta and Mecklenburg county.”
ONWASA CEO Jeffrey Hudson confirmed the ransomware attack began on October 4, the IT staff initially thought to have locked out the threat, however, on October 13 the malware started dropping the Ryuk ransomware into the infected systems.
“An ONWASA IT staff member was working was working at 3am and saw the attack,” ONWASA said.
“IT staff took immediate action to protect system resources by disconecting ONWASA from the internet, but the crypto-virus spread quickly along the network encrypting databases and files.”
Operators at the utility did not pay the ransom and opted out to recreate the infected systems.
“Ransom monies would be used to fund criminal, and perhaps terrorist activities in other countries,” ONWASA reasoned. “Furthermore, there is no expectation that payment of a ransom would forestall repeat attacks.”
The incident response had a significant impact on the operations of the utility in a critical moment, the aftermath of the Hurricane Florence.
ONWASA estimates it will take several weeks to rebuild all of the damaged systems, it will not possible for customers to pay the bill online and major delays will affect the service provided by the utility.
The effects of the Hurricane Florence on the Onslow county were important, schools are still closed and local authorities are still working to clean up debris from the massive storm. It has been estimated that costs to restore the ordinary situation will hit $125m.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – Hurricane Florence, ransomware)
[adrotate banner=”5″]
[adrotate banner=”13″]
Qualys warns of two information disclosure flaws in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise…
Meta stopped three covert operations from Iran, China, and Romania using fake accounts to spread…
The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major…
ConnectWise detected suspicious activity linked to a nation-state actor, impacting a small number of its…
Victoria’s Secret took its website offline after a cyberattack, with experts warning of rising threats…
Google says China-linked group APT41 controlled malware via Google Calendar to target governments through a…
This website uses cookies.
