Onslow County Utility Hit with Ransomware Attack

Just when they were trying to get back to normal life after the Hurricane Florence disaster, ONWASA, a water utility company was found to be targeted by cybercriminals.

ONWASA provides water and sewer service to all of Onslow County except Jacksonville residents.

State officials and the Federal agency are working with a North Carolina water utility after it was reported that hackers attacked some of its computer systems.

In a news released on 15th October, the head of the Onslow Water and Sewer Authority said “That its internal computer system, including servers and personal computers, were subjected to what was characterized as “a sophisticated ransomware attack.”

“Many other databases have to be recreated while customer information wasn’t compromised in the attack,” said CEO Jeffrey Hudson. He added that the FBI, the Department of Homeland Security and the state of North Carolina have been called in.

“The utility began experiencing virus attacks from a malware system on Oct. 4”, said Hudson. At what ONWASA officials said may have been a timed event, the malware launched a sophisticated virus known as RYUK. He added that “it was believed the virus was brought under control, but security specialists were called when the problem persisted.”

The internet was immediately disconnected when the ONWASA IT staffer saw the attack. However, the crypto-virus spread quickly along the network, encrypting databases and files.

The attack is similar in nature to those experienced by Atlanta, Georgia, and Mecklenburg County.

The attack is similar to the Mecklenburg County when their computer systems were hacked, and they criminals demand $23,000 to unlock data on county servers frozen by malicious software. The leaders refused to pay the ransom. The computers carried information regarding property taxes, building permits, and processing jail inmates. Experts were able to restore the system with backed-up data.

The next victim of ransomware cyber attack was from the city of Atlanta’s computer network. The attack was discovered by the city’s information security team, which noticed “something that looked peculiar” on the server and began investigating”, said the city spokeswoman.

Also in March, a ransomware attack hit Baltimore’s 911 dispatch system, prompting a roughly 17-hour shutdown of automated emergency dispatching. The Colorado Department of Transportation suffered two attacks a month earlier.

lONWASA claims that they have multiple layers of computer protection in place, including firewalls and malware/anti-virus software.

It was the defenses of the computer systems at the main office that took the jolt.

Cybercriminals sent an email to ONWASA, which claims that the criminals are based in a foreign country