Pakistan’s Power Utility K-Electric Suffered Ransomware Attack

Update: K-Electric website is now working fine. They have also issued a pop-up notice on their website confirming that all of their services are fully functional. However, the company hasn’t officially disclosed anything about the ransomware attack. Nor is it clear whether they have made any payments to the attackers.

After targeting numerous organizations globally, Netwalker has now aimed at Pakistan. Recently, Pakistan’s largest power supply company K-Electric fell victim to the Netwalker ransomware attack.

K-Electric Suffered Ransomware Attack

Earlier this week, Pakistan’s power supply company K-Electric suffered a cyber attack.

K-Electric (formerly Karachi Electric Supply Corporation (KESC)) is a private entity responsible for managing the generation, transmission, and distribution, of energy to the customers. KE directly manages these responsibilities for the largest city and economic hub of Pakistan, Karachi.

The news surfaced online recently when K-Electric disclosed the incident in a tweet via their official account.

As revealed, the attack didn’t affect KE’s power generation and supply systems, it did affect certain online services. For instance, customers may not download duplicate bills from their website, as this feature is still down at the time of writing this article.

Image: Latest Hacking News

According to the notice, the company has consulted with information security experts and local authorities over this incident.

Besides this simple disclosure, K-Electric has not shared any further details of the incident.

Netwalker Ransomware Involved

According to Bleeping Computer, K-Electric suffered a Netwalker ransomware attack. This incident subsequently disrupted the firm’s online billing services.

As per the details surfaced online, Netwalker has demanded a ransom of $3.85 million in BTC. Failing to pay the ransom within seven days will increase it to $7.7 million.

The attackers have also exfiltrated unencrypted data from the firm’s database. Though, they haven’t exactly stated the details about the type of data stolen.

Netwalker has been active for quite a while, targeting numerous organizations this year. In July, Netwalker targeted Lorien Health Services. Whereas, according to RansomLeaks, they also preyed on many more victims around the same time they attacked K-Electric.

It is unclear if KE has drafted any solution to combat this situation, or whether or not they are willing to pay the ransom.

Let us know your thoughts in the comments.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil