Update: K-Electric website is now working fine. They have also issued a pop-up notice on their website confirming that all of their services are fully functional. However, the company hasn’t officially disclosed anything about the ransomware attack. Nor is it clear whether they have made any payments to the attackers.
After targeting numerous organizations globally, Netwalker has now aimed at Pakistan. Recently, Pakistan’s largest power supply company K-Electric fell victim to the Netwalker ransomware attack.
K-Electric Suffered Ransomware Attack
Earlier this week, Pakistan’s power supply company K-Electric suffered a cyber attack.
K-Electric (formerly Karachi Electric Supply Corporation (KESC)) is a private entity responsible for managing the generation, transmission, and distribution, of energy to the customers. KE directly manages these responsibilities for the largest city and economic hub of Pakistan, Karachi.
The news surfaced online recently when K-Electric disclosed the incident in a tweet via their official account.
K-Electric experienced an attempted Cyber-Incident earlier this week. pic.twitter.com/bQcP2bop2q
— KE (@KElectricPk) September 9, 2020
As revealed, the attack didn’t affect KE’s power generation and supply systems, it did affect certain online services. For instance, customers may not download duplicate bills from their website, as this feature is still down at the time of writing this article.
According to the notice, the company has consulted with information security experts and local authorities over this incident.
Besides this simple disclosure, K-Electric has not shared any further details of the incident.
Netwalker Ransomware Involved
According to Bleeping Computer, K-Electric suffered a Netwalker ransomware attack. This incident subsequently disrupted the firm’s online billing services.
As per the details surfaced online, Netwalker has demanded a ransom of $3.85 million in BTC. Failing to pay the ransom within seven days will increase it to $7.7 million.
The attackers have also exfiltrated unencrypted data from the firm’s database. Though, they haven’t exactly stated the details about the type of data stolen.
Netwalker has been active for quite a while, targeting numerous organizations this year. In July, Netwalker targeted Lorien Health Services. Whereas, according to RansomLeaks, they also preyed on many more victims around the same time they attacked K-Electric.
It is unclear if KE has drafted any solution to combat this situation, or whether or not they are willing to pay the ransom.
Let us know your thoughts in the comments.