A major U.S. municipal utility company was completely shut down by a cyber attack this week, as a spate of worsening “ransomware” attacks continued unabated.
Lansing Board of Water and Light (BWL), an electricity and water utility company based in Michigan, succumbed to the attack after an employee recieved and opened an email containing a malicious attachment, which spread uncontrolled through a large number of the municipal company’s systems.
According to Lansing executives, the malware moved through their internal computer system, encrypting their files as it went, and forcing BWL to shut down its accounting division, its internal email service (which links 250 people) and the telephone lines, including the customer care line used ot report outages and make inquiries. “Printers and other technology” were also hit by the virus, effectively cutting the company off from the outside workd and disrupting its internal capacity to operate.
In a statement to the press, BWL’s General Manager, Dick Peffley, described the malware used in the attack as “brand-spanking new”, explaining why the company’s up-to-date anti-virus software failed to catch it or contain it. The utility company has since learned that this particular attack could only have been detected by a very select few antivirus systems, due to consisting of absolutely cutting-edge encrypted malware, impossible for normal antivirus software to even see, let alone quarantine.
BWL’s Director of Emergency Management, Trent Atkins, added that “This was a very sophisticated virus that blew right through a number of our security systems.” If you’re worried that your company could have weak points in the firewall you’re using, you may want to look more into pentesting and how it could benefit your cyber security.
Responding to this, Peffley also stated: “In my time at the board of 40 years, I’ve never seen anything like it. Our time keeping, phones, computers, printers, everything that it takes to do the administrative work that the BWL does right now is shut down.”
BWL originally denied that the incident was the result of ransomware, but eventually conceded that the attack was the result of a malware-related ransom attempt. They have not revealed the target of the ransom, as the say the FBI and Michigan State Police Cyber Crimes Unit are still investigating, but insist that customer details were not compromised.
Other targets of ransomware attacks this week have included visitors to a toymaker’s website, a large number of pirates sailing the Pirate Bay, and users of Android phones.