Michigan electricity utility downed by ransomware attack

Richard Chirgwin reports:

A water and electricity authority in the US State of Michigan has needed a week to recover from a ransomware attack that fortunately only hit its enterprise systems.

Lansing’s BWL – Board of Water & Light – first noticed the successful phishing attack on its corporate systems on April 25, and has had to keep systems including phone servers locked down since then.

The company says customer data has not been stolen (only, as is the case in ransomware attacks, encrypted).

Read more on The Register.

Last week, the FBI posted an alert highlighting what we already knew: ransomware is on the rise. And not only is it hitting all sectors, it’s hitting personal home computers.

What some may not know, and from the FBI’s alert:

And in newly identified instances of ransomware, some cyber criminals aren’t using e-mails at all. According to FBI Cyber Division Assistant Director James Trainor, “These criminals have evolved over time and now bypass the need for an individual to click on a link. They do this by seeding legitimate websites with malicious code, taking advantage of unpatched software on end-user computers.”

If you think you or your organization have been the victim of ransomware, contact your local FBI field office and report the incident to the Bureau’s Internet Crime Complaint Center.

About the author: Dissent