[BreachExchange] ONWASA: $277K spent on recovery, defense after cyber attack

Destry Winant destry at riskbasedsecurity.com
Fri Jan 11 10:03:32 EST 2019


https://www.jdnews.com/news/20190109/onwasa-277k-spent-on-recovery-defense-after-cyber-attack

ONWASA spent approximately $277,000 on recovery and on changing the
types of defenses they employ following a cyber hack in October.

Operations at Onslow Water and Sewer Authority are approaching full
recovery following a cyber attack in October.

Hackers encrypted several ONWASA systems in a ransomware attack as the
company was recovering from Hurricane Florence, causing a loss of data
and prompting an investigation by the Federal Bureau of Investigation,
the Department of Homeland Security, the State of North Carolina, and
several technology security companies.

While the ransomware did not affect customer data, the company was
forced to disconnect from the internet and resort to using a single
utility services computer. Service orders still are printed and
distributed to workers before they leave for the day because the
computers in the service trucks have been disconnected.

But things have been gradually improving since then.

“We are back up to between 80 and 90 percent normal,” Jeff Hudson,
ONWASA chief executive officer, said.

Hudson said that ONWASA was also able to recover some data deemed lost.

“We initially believed that it had been encrypted,” Hudson explained.

Furthermore, Hudson said, the removal of the computers allowed ONWASA
an opportunity to improve their existing field trucks.

“We’re upgrading the trucks with external antennas,” Hudson said. “We
had to remove all the computers from our trucks. We’re putting them
back with that new technology.”

The antenna installations are being performed by Mobile Communications
America out of Wilmington, according to Hudson.

ONWASA spent approximately $277,000 on recovery following the hack and
on changing the types of defenses they employ, according to Hudson.
The company made changes based on recommendations from the military
and the cybersecurity consultants they hired.

According to the ONWASA information technology department, the company
should be back to 100 percent — including the installations of the
truck antennas — within the next 30 days.


More information about the BreachExchange mailing list