The ransomware attack that shut down Johannesburg City Power’s systems for several hours yesterday is not surprising, given the high level of vulnerabilities at utilities and crucial infrastructure, says GECI
Mike Bergen of GECI, an international tactical cybersecurity specialist company now in South Africa, says: “It was only a matter of time before a high-profile cyber attack was launched on a major South African utility or infrastructure provider. We see these sorts of attacks increasing all around the world, and South Africa is not immune.”
Thousands of Johannesburg residents were reported to have been affected yesterday, when a ransomware attack on City Power shut down systems, preventing customers from accessing the entity’s website or topping up their pre-paid power. City Power said the attack had compromised their web server, databases, applications and network.
Bergen notes that scores of similar attacks have targeted municipalities and utilities around the world this year alone. “At least 25 municipalities in the US were victims of ransomware attacks in the first six months of this year. At this rate, the number of attacks is on track to exceed the 53 reported in the US last year.” Bergen notes that in some cases, the cyber criminals were able to extort hundreds of thousands of dollars in ransom from the affected organisations. “This is a lucrative form of crime, so we can expect to see the incidence of targeted attacks increasing,” he says.
“Cybercrime is a vast and rapidly growing business, tipped to cost businesses and government globally around $6 trillion by 2021, double what it was in 2015. It has reached pandemic levels with some 4000 cyber attacks per day. It’s no longer a question of if an attack will occur, but when one will be hit.”
Bergen believes South African municipalities and utilities may be neglecting basic cyber security best practice, which increases their risk exposure. “Unpatched systems and a tendency to be reactive rather than proactive, contribute to their risk – particularly in the area of cyber security for Operations Systems (OT),” he says.