If you thought last week’s ransomware attack on City Power sounded like a movie script, it’s because that kind of scary possibility has been fictional fodder for years.
Films have long proposed the idea of hackers taking over a computer network for nefarious ends. Sadly, ransomware attacks have moved beyond movies into everyday reality.
Johannesburg’s power company has joined a long list of targets, including recent attacks on the US cities of Maryland and Atlanta. A digital ransom note to the Maryland authorities demanded about $75,000 in bitcoin. "We won’t talk more, all we know is MONEY!" the note read.
They are not alone. Security firm Kaspersky monitored 194,803 ransomware attacks in SA alone in 2018. That’s a 64% increase over 2017, the Russian firm told the FM. "The modern rise in ransomware, and frankly the wild success, is directly attributable to bitcoin and other cryptocurrencies," Allan Liska, an analyst at cybersecurity firm Recorded Future, told The New York Times.
Until now, extortionists had to use the formal banking system, which still allows for transactions to be tracked. Cybercriminals got smart with cryptocurrencies, which have a decentralised payment system popular in the underground drug market on the Dark Web. Liska estimates there have been 169 cases of US state and local governments being hit by ransomware attacks, since the 2013 event he identifies as the start of this wave of cybercrime when malware called CryptoLocker was used to infect a Massachusetts police department.
The use of cryptocurrencies is directly responsible for the rise in ransomware attacks
"There’s really probably a lot more that are never reported on," he told the paper. CNN reports there have been 22 known public sector ransomware attacks so far this year. Ransomware can be sneaked into computer systems by utilising known flaws, which are also known as exploits, in the operating systems. Software makers like Microsoft regularly issue updates, known as patches, to address these security issues. Often, ransomware and other malware are sneaked onto computers using these exploits because the computer administrator hasn’t installed the update patch. If they had, the ransomware wouldn’t be able to exploit their systems.
If system administrators update their software, at the very least, they vastly diminish the chances of being compromised. Even more bizarre is that the Maryland hack reportedly used malware created by the US’s National Security Agency called EternalBlue, The New York Times reported in May. This malware exploited a flaw in Microsoft software and was used in North Korea’s 2017 WannaCry attack. It was used again by Russia against Ukraine. The New York Times says it cost FedEx over $400m and pharmaceutical giant Merck $670m.
City Power hasn’t been forthcoming with details, but it tweeted that the attacks "encrypted all our databases, applications and network".
Welcome to the new reality of computer warfare.
• Shapshak is editor-in-chief and publisher of Stuff magazine (stuff.co.za)
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.