Ransomware attack hits North Carolina water utility following hurricane

[InfoSec News <alerts () infosecnews org>]

https://www.csoonline.com/article/3314557/security/ransomware-attack-hits-north-carolina-water-utility-following-hurricane.html

By Ms. Smith
CSO
OCT 17, 2018

Bad timing, bad luck or heartless baddies -- maybe all three came into 
play when a critical water utility in North Carolina, which was still 
recovering from Hurricane Florence, was brought to its knees by a 
ransomware attack.

Despite still dealing with the aftermath of Hurricane Florence, which 
ripped through the state in September, Onslow Water and Sewer Authority 
(ONWASA) said it has no intention of paying the ransom demanded. In the 
Jacksonville, North Carolina, utility's words, it "will not negotiate with 
criminals nor bow to their demands."


How the ransomware attack started

The sad and soggy saga did not begin with a sophisticated ransomware 
attack. It began on October 4 when ONWASA was hit with Emotet, "an 
advanced, modular banking Trojan that primarily functions as a downloader 
or dropper of other banking Trojans," according to the alert issued by 
US-CERT in July.

ONWASA initially believed the Trojan was dealt with, but the utility 
brought in outside security pros when Emotet malware proved persistent. 
Fast-forward a week and a half to 3 a.m. on October 13, in what ONWASA 
said "may have been a timed event," and Emotet dropped the nasty, targeted 
ransomware Ryuk.

[...]



--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_