On April 25, an attack launched against the Lansing Board of Water and Light proved just how vulnerable organizations can be to this ballooning threat vector.
If you’ve been anywhere near a social media newsfeed in the last couple of years, then you’ve likely seen the horror stories about ransomware attacks. What looks like an attachment sent by a friend infects your computer or network and sends you on a hellish misadventure to recover files taken hostage.
For the most part, these stories have circulated through the networks of pedestrian Internet users, but have exploded into the national spotlight as hospitals and other organizations fall prey to them.
On April 25, an attack launched against a Michigan utility provider proved just how vulnerable organizations can be to this ballooning threat vector.
When an employee of the Lansing Board of Water and Light (LBWL) opened what seemed to be a legitimate email attachment, the business side of the house went into a self-imposed lockdown of their systems. Though there was no impact to the delivery of utility services, the malicious code forced a shutdown of network and vital business services, which included phone lines and billing services.
[1/4] Today we were the victim of ransomware that came in through a phishing virus and infected our corporate networks.— Lansing BWL (@BWLComm) April 25, 2016
[2/4] We immediately instated a self-imposed lockdown to all of our corporate networks to protect the system while developing a solution.— Lansing BWL (@BWLComm) April 25, 2016
[3/4] We are working with local, state and federal law enforcement authorities. No utility functionality has been lost during the attack.— Lansing BWL (@BWLComm) April 25, 2016
[4/4] No personal customer info has been compromised. Customers are still able to make payments online, in our cust serv center & at kiosks.— Lansing BWL (@BWLComm) April 25, 2016