City Power Johannesburg, a South African electricity distributor for parts of Johannesburg, has said that it has been hit by a ransomware virus that has affected most of its IT systems. The ransomware seems to have also affected City Power's website which is used by citizens to log complaints and purchase pre-paid electricity.
The alleged ransomware attack comes at a time where City Power has said it is experiencing a strain on the power grid due to increased use of electricity during Johannesburg's recent cold winter weather. The strain on the grid has thus far resulted in power outages in parts of Johannesburg.
"City Power has been hit by a Ransomware virus. it has encrypted all our databases, applications and network. Currently our ICT department is cleaning and rebuilding all impacted applications. Customers may not be able to visit our website and may not be able to buy electricity units until our ICT department has sorted the matter out, Customers and stakeholders will be updated as and when new information becomes available."
This has left many Johannesburg residents angry and stranded as they were left in, literally, the dark and cold as they could not purchase prepaid electricity.
Ransomware is a piece of software that when activated, threatens to wipe out a system's data or blocks access to the data unless a ransom is paid. In most cases, the ransom is requested to be paid in cryptocurrency, typically Bitcoin. Also, most times, with some exceptions, ransomware is usually activated when an unsuspecting user clicks on a link or installs software that they are not aware is running ransomware.
It's not clear at this stage what led to the ransomware being activated on City Power's network and its nature. It is also not clear whether this has affected any backup IT systems on City Power's network that could help it restore its systems.
At the time of publishing we had not heard back from City Power and we will update this story as soon as we have new information.Share this via: