Lansing Board of Water & Light Hit By Ransomware Attack
The Board of Water and Light (BWL) in Lansing, Michigan,was struck by ransomware on Monday, April 25. Only the corporate network was affected, with no disruption to water or energy supplies. The BWL has kept its customers updated through its Twitter feed, but few details (apparently on advice from the FBI) are yet known. Nevertheless, this would seem to be the first disclosed example of a utility being successfully compromised by ransomware.
The incident was announced via a series of tweets when it first occurred. "Today we were the victim of ransomware that came in through a phishing virus and infected our corporate networks. We immediately instated a self-imposed lockdown to all of our corporate networks to protect the system while developing a solution. We are working with local, state and federal law enforcement authorities. No utility functionality has been lost during the attack. No personal customer info has been compromised. Customers are still able to make payments online, in our cust serv center & at kiosks."
From this we can assume that the ransomware may have encrypted parts of BWL's corporate network but did not succeed in accessing the operational network and the industrial control systems (ICS).
Yesterday, BWL posted a FAQ on Twitter. It reiterated that it shut down the network itself. On discovering the incident, "as a precaution, we immediately initiated a self-imposed lockdown of all corporate systems." We don't know whether the loss of corporate systems was due to the lockdown or ransomware encryption. Nevertheless, we can assume that law enforcement will be taking a very keen interest in the malware involved and the actors who control it: it has got unnervingly close to what is essentially a part of the critical national infrastructure.
Just one month ago, Patrick Coyle, the owner and author of Chemical Facility Security Newstold SecurityWeek that his personal nightmare for utilities is that "someone will put a critical infrastructure on lockdown with ransomware. That does not take any great process knowledge; just access to the system."
Read More:Michigan Power and Water Utility Hit by Ransomware Attack | SecurityWeek.Com
The Board of Water and Light (BWL) in Lansing, Michigan,was struck by ransomware on Monday, April 25. Only the corporate network was affected, with no disruption to water or energy supplies. The BWL has kept its customers updated through its Twitter feed, but few details (apparently on advice from the FBI) are yet known. Nevertheless, this would seem to be the first disclosed example of a utility being successfully compromised by ransomware.
The incident was announced via a series of tweets when it first occurred. "Today we were the victim of ransomware that came in through a phishing virus and infected our corporate networks. We immediately instated a self-imposed lockdown to all of our corporate networks to protect the system while developing a solution. We are working with local, state and federal law enforcement authorities. No utility functionality has been lost during the attack. No personal customer info has been compromised. Customers are still able to make payments online, in our cust serv center & at kiosks."
From this we can assume that the ransomware may have encrypted parts of BWL's corporate network but did not succeed in accessing the operational network and the industrial control systems (ICS).
Yesterday, BWL posted a FAQ on Twitter. It reiterated that it shut down the network itself. On discovering the incident, "as a precaution, we immediately initiated a self-imposed lockdown of all corporate systems." We don't know whether the loss of corporate systems was due to the lockdown or ransomware encryption. Nevertheless, we can assume that law enforcement will be taking a very keen interest in the malware involved and the actors who control it: it has got unnervingly close to what is essentially a part of the critical national infrastructure.
Just one month ago, Patrick Coyle, the owner and author of Chemical Facility Security Newstold SecurityWeek that his personal nightmare for utilities is that "someone will put a critical infrastructure on lockdown with ransomware. That does not take any great process knowledge; just access to the system."
Read More:Michigan Power and Water Utility Hit by Ransomware Attack | SecurityWeek.Com
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}