[BreachExchange] ONWASA ’99 percent’ back to normal after cyber attack

Destry Winant destry at riskbasedsecurity.com
Fri Apr 5 09:23:55 EDT 2019


https://www.jdnews.com/news/20190402/onwasa-99-percent-back-to-normal-after-cyber-attack

Onslow Water and Sewer Authority is “99 percent” back to normal
operations, the authority’s director says.

Following a cyber attack last October, when hackers encrypted several
ONWASA systems with ransomware, the organization has been fixing what
was broken and ramping up security measures.

“We are for most places effectively back to normal,” Jeff Hudson,
executive director of ONWASA, said. “We are better than back to
normal.”

Hudson said there were new solutions in place to prevent further such
attacks, and different types of backups established to preserve
company and consumer data.

While ONWASA had backups in place prior to the attack, they were
housed in the Northwest Water Reclamation Facility. The flooding of
that plant following Hurricane Florence led to issues with the
backups, and ONWASA was attacked shortly thereafter.

“I don’t believe in coincidence,” Hudson said, adding that it’s
reasonable for hackers to think organizations are weaker following a
natural disaster.

The investigation into who is responsible for the hack continues.
ONWASA has been working with the Federal Bureau of Investigation, the
Department of Homeland Security, the State of North Carolina, and
several technology security companies, The Daily News reported.
Representatives from the Federal Bureau of Investigation declined to
comment on the investigation.

The supervisory control and data acquisition software at the
Summerhouse Plant is still being worked on, Hudson said.

The software would allow the company to manage operations remotely,
Hudson said, but for now they are operating manually onsite. The
remote access should be up and running in the next two-to-three weeks,
he estimated.

At no point was customers’ data endangered by the ransomware, Hudson
reiterated, and at no point did ONWASA stop providing services to the
community.

“We have state of the art new software and hardware,” Hudson said.
“I’m confident that we are as secure as any of our contemporaries can
be.”


More information about the BreachExchange mailing list