https://www.csoonline.com/article/3314557/security/ransomware-attack-hits-north-carolina-water-utility-following-hurricane.html
By Ms. Smith
CSO
OCT 17, 2018
Bad timing, bad luck or heartless baddies -- maybe all three came into
play when a critical water utility in North Carolina, which was still
recovering from Hurricane Florence, was brought to its knees by a
ransomware attack.
Despite still dealing with the aftermath of Hurricane Florence, which
ripped through the state in September, Onslow Water and Sewer Authority
(ONWASA) said it has no intention of paying the ransom demanded. In the
Jacksonville, North Carolina, utility's words, it "will not negotiate with
criminals nor bow to their demands."
How the ransomware attack started
The sad and soggy saga did not begin with a sophisticated ransomware
attack. It began on October 4 when ONWASA was hit with Emotet, "an
advanced, modular banking Trojan that primarily functions as a downloader
or dropper of other banking Trojans," according to the alert issued by
US-CERT in July.
ONWASA initially believed the Trojan was dealt with, but the utility
brought in outside security pros when Emotet malware proved persistent.
Fast-forward a week and a half to 3 a.m. on October 13, in what ONWASA
said "may have been a timed event," and Emotet dropped the nasty, targeted
ransomware Ryuk.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
