O&M

North Carolina Utility Hobbled by Ransomware Attack in Wake of Florence

Hackers, like looters, look for the most vulnerable time to strike.

Cybercriminals targeted Onslow Water and Sewer Authority (ONWASA) of Jacksonville, North Carolina in the wake of Hurricane Florence. The utility already dealing with the weather disaster now had servers and personal computers subjected to a ransomware attack.

Earlier this month, ONWASA began experiencing attacks from a virus known as EMOTET, what is called a polymorphic malware. The utility thought it was under control and hired outside cybersecurity help but then was hit with a sophisticated virus known as RYUK over the last weekend.

A staff member disconnected ONWASA from the internet, but the virus spread quickly and caused disruption, according to the company release.

The lack of computing ability will impact the timeliness of the utility’s service to its customers for a time, ONWASA warned. It is rebuilding its database but will not pay the ransomware.

“Ransom monies would be used to fund criminal and perhaps terrorist activities in other countries,” the ONWASA press release noted. “Furthermore, there is no expectation that payment of a ransom would forestall repeat attacks.”

A Forbes story earlier this year, citing a report by global insurance and risk management group Marsh, indicated that 76 percent of energy company leaders are worried about cyberattacks. A slighter higher number say their companies are planning to invest more in managing and protecting against those risks.

ONWASA’s home base of Jacksonville, meanwhile, suffered massive flooding due to Hurricane Florence.

(Digital Solutions and Cybersecurity is a key track at the upcoming POWER-GEN International conference December 4-6 in Orlando. Click here for more information and to register).