News & Comment: Feds investigate after hackers attack water utility

Feds investigate after hackers attack water utility

Federal and state officials are working with a North Carolina water utility after hackers attacked some of its computer systems. The head of the Onslow Water and Sewer Authority said in a news release Monday that its internal computer system, including servers and personal computers, were subjected to what was characterized as “a sophisticated ransomware attack.” CEO Jeffrey Hudson said while customer information wasn’t compromised in the attack, many other databases have to be recreated. He added that the FBI, the Department of Homeland Security and the state of North Carolina have been called in.

READ ANNOUNCEMENT

 

Comment:

Adam Laub, Senior VP, Product Marketing, STEALTHbits Technologies, Inc.

“Ransomware has made big headlines for the past few years and will continue to for as long as it remains effective in its mission of making money and causing disruption, or at least one of the two.

“Organizations serious about (at a minimum) mitigating the damage that can be done by Ransomware in the event of an infection can focus on a few basic activities. The first is end user education. As most Ransomware is delivered through malicious email links, educating users on the danger of clicking on links from even trusted email sources can prevent many Ransomware infections to begin with. Reducing end user access to file data, in particular, is also an effective mitigation technique because Ransomware and other malware often relies on the access rights of the user who’s been compromised.  If they don’t have access privileges, then neither does the malware. Finally, backing up data – at least the data you really care about – can make even a successful Ransomware attack a non-issue (relatively speaking).”