Some residents of the Johannesburg (the largest city of South Africa) last day were left without electricity after the power company of the city has been attacked by a ransomware virus. The company responsible for powering South Africa’s financial capital Johannesburg, City Power, has confirmed on Twitter that it had been hit by a ransomware virus that had encrypted all of its databases, network and applications. The attack has prevented prepaid customers from purchasing electricity units, upload invoices while making any payments or even access the official website of City Power, eventually leaving them without power.
In a tweet, the city government has revealed a note that the virus hit the company early Thursday morning, compromising their database and other software, impacting most of their applications and networks. Nevertheless, the company has also ensured its customers that none of their details was compromised in the cyber attack. As of now, the company has confirmed that they have restored the electricity supply in many areas of the city and as well as most of the critical applications including the prepaid vending system are responsible for enabling its customers to buy electricity. However, the customers seeking to access the City Power website to log the faults are still unable to do so. Thus, they are requested to log calls by their mobile phones using the citypower.mobi. Based on the type and severity of the cyber attack, it is believed that the total clean up of the affected services and networks would consume a few weeks. Besides this, it could cost millions of dollars similar to the incident where the City of Baltimore recently spent $5,310,546 in hiring security consultant firms and upgrading its infrastructure following a ransomware attack that shut down the majority of its servers. Also, the city government did not provide any details related to the type of ransomware virus that has hit the power company or if the company has a backup for critical files that have been encrypted by the malware. On Thursday afternoon, the city government has said that the customers must
not panic as none of their details was compromised. To this, he added that they apologize for the inconvenience caused to the people of the City of Johannesburg and asked the residents to be patient with them, and they expect to have everything back in order by the end of Thursday.
The ransomware attack did not hit just Johannesburg but a growing number of cities have been targeted in the last couple of months with ransomware as cybercriminals aim municipalities around the world. The previous month, ransomware viruses hit two cities in Florida that made large ransom payments to gain back access to city files that were encrypted in the attacks—these cities include Riviera Beach City ($600,000) and Lake City ($500,000) in Florida. Nevertheless, the federal authorities and cyber security experts have always advised victims not to pay ransoms since it encourages criminals, and also there’s no guarantee of files or computer systems being completely restored. In place of paying the ransom, the organizations and companies should consider having robust backups of their important and required files and data in place as well as educating their employees to avoid being a victim of such cyber attacks.