Pierluigi Paganini July 26, 2019

South African electric utility City Power that provides energy to the city of Johannesburg, has suffered serious disruptions after a ransomware attack.

A ransomware infected systems at City Power, an electricity provider in the city of Johannesburg, South Africa, and some residents were left without power.

The energy utility informed its customers via Twitter of the ransomware attack that encrypted its network, including all its databases and applications.

The attack took place early on Thursday and paralyzed the electricity vending systems making it impossible for the customers to buy electricity units using its prepaid system.

City Power customers can pay what they consume thanks to prepaid power meters.

Officials confirmed that the attack also impacted their “response time to logged calls as some of internal systems to dispatch and order material have been slowed by the impact,”

Fortunately, after a few hours after the attack was disclosed, the City of Johannesburg restored operations for most of the impacted applications and networks. The City Power website and systems that manage the invoices remained offline.

The good news is that personal information was not compromised in the attack. At the time of writing, City Power did not provide info about the type of ransomware that infected its system or how the infection took place.

“Ransomware virus is known globally to be operated by syndicates seeking to solicit money. We want to assure residents of Johannesburg that City Power systems were able to proactively intercept this and managed to deal with it quickly,” said the company.

In recent months, other municipalities were infected by ransomware and in some cases, officials paid ransom demands, such as Riviera Beach City, Lake City, Florida, and Jackson County, Georgia, and La Porte.

Pierluigi Paganini

(SecurityAffairs – Johannesburg, ransomare)

[adrotate banner=”5″]

[adrotate banner=”13″]