Onslow Water and Sewer Authority (ONWASA), a critical water utility in the Jacksonville, North Carolina vicinity, reported to have been target in a ransomware attack.
“We are in the middle of another disaster following Hurricane Florence and tropical storm Michael,” said CEO Jeff Hudson in a video released on Facebook.
Said attack was identified on October 4th by a member of the IT staff. There is reason to belief the weapon of choice was a polymorphic virus dubbed EMOTET. ONWASA’s computer systems were affected, including its servers and and personal computers which left the utility with limited computer capacity. Thankfully, no user information was assessed, but still, some databases will have to be rebuilt. Just when it was believed the malware was under control, it made itself known on October 13 by launching RYUK, a sophisticated virus.
In response to identifying the attack, the IT staff disconnected the utility from the internet. By this time, it was too late as the virus had already spread and encrypted the databases and files. Attacks of such nature have been seen before, as they have occurred in Atlanta, Georgia and Mecklenburg county. Even though the facility has multiple layers of security, firewall and antivirus software inclusive, the main office was still affected. In the wake of the attack, the company received an email from a foreign cyber criminal, one who has ties to the attack and those of other corporations. ONWASA has been cooperating with the FBI all through the investigation and has adamantly refused to pay any ransom, a move which the FBI supports.
It’s a relief that the attack did not affect the public’s water supply or the environment. Even so, the lack of adequate computing facilities will be detrimental to the functioning of ONWASA. For now, the company will rely on manual controls. Hopefully, with time, the utility’s systems will be restored back to optimum, and the criminals responsible for the damage will be brought to justice.
Enjeck Mbeh Cleopatra
Latest posts by Enjeck Mbeh Cleopatra (see all)
- Dark Overlord Hacking Group Delivers On Threat to Release Sensitive 9/11 documents - January 7, 2019
- Apple Support Scam Takes Further Steps in Appearing Legitimate - January 7, 2019
- “WhatsApp Gold” Virus Returns - January 6, 2019