/
FINAL WORD
How to safeguard your
network following
attack on City Power
Industry leaders have warned that the ransomware
attack on City Power Johannesburg is just another
warning to the government and corporates that they
are not immune to cyberattacks.
T
he attack caused blackouts across the
city as cyber criminals took control
of the City’s power servers which
prevented residents from purchasing electricity.
City Power Johannesburg successfully restored
its encrypted servers within hours of the
security breach being identified. However,
experts say it should serve as a warning to
other service providers that ransomware could
easily debilitate a city. Depending on severity
of the attack, it could take days, weeks or
months to recover critical data.
Security expert and J2 Software CEO
John Mc Loughlin says cities seem to be a
preferred target for ransomware nowadays.
"They are often paying criminals millions to
recover encrypted critical data in order to
quickly restore their services," he said.
"It is highly recommended that one never
pays the ransom because even if one does,
there is no guarantee that you will get your
information back. Regardless, one will have
to set up a new system and restore the files
that were encrypted. Also remember, with
ransomware, the first thing hackers aim
to do is to delete backups if they are not
segmented from the network.
74
Businesses need to assess the kind of attacks
that are most probable to hit their networks."
Mike Bergen, of GECI, an international
tactical cybersecurity specialist company
now based in South Africa, says that it was
only a matter of time before a high-profile
cyberattack was launched on a major South
African utility or infrastructure provider.
“We see these sorts of attacks increasing all
around the world, and South Africa is not
immune,” he said.
“Cybercrime is a vast and rapidly growing
business, tipped to cost businesses and
government globally around US$6 trillion by
2021, double what it was in 2015.
"It has reached pandemic levels with some
4,000 cyberattacks per day. It’s no longer a
question of if an attack will occur, but when
one will be hit.”
Bergen believes South African municipalities
and utilities may be neglecting basic
cybersecurity best practice, which increases
their risk exposure.
"Remember, every single recovery method
will already be anticipated by the hackers. “Unpatched systems and a tendency to be
reactive rather than proactive, contribute
to their risk – particularly in the area of
cybersecurity for Operations Systems (OT),”
he said
“Although data theft could cause huge
damage, there are other threats like
ransomware that are more likely and would
have a profound effect on any company. Stuart Reed, VP Cyber Security Nominet,
says that identifying malware and phishing
attacks on the network early is critical to
mitigating the risk of a ransomware attack.
INTELLIGENTCIO
www.intelligentcio.com