Home Technology Joburg’s City Power hit by ransomware, leaving many residents unable to buy pre-paid electricity

Joburg’s City Power hit by ransomware, leaving many residents unable to buy pre-paid electricity

1 min read
83
Citypower

The City of Johannesburg confirmed on Twitter today that its power facility’s IT infrastructure has been hit by ransomware. Ransomware is a type of malware that infects machines and encrypts the data, in an attempt to get people who don’t back up as often as they should to cough over money – usually in the form of Bitcoin – for the encryption key.

“City Power has been hit by a Ransomware virus. it has encrypted all our databases, applications and network. Currently our ICT department is cleaning and rebuilding all impacted applications,” the power utility said on Twitter.

“Customers may not be able to visit our website and may not be able to buy electricity units until our ICT department has sorted the matter out, Customers and stakeholders will be updated as and when new information becomes available.”

As a result, customers are unable to use the City Power website. The biggest issue this is causing for many is that pre-paid electricity vendors are unable to vend, which of course means that many consumers are unable to top up their power while the City of Johannesburg sorts out its IT issues.

“The virus has affected our customers’ ability to vend, that is buying electricity, upload invoices, or access our website. It may also affect our response to some outages as the system to order and dispatch material is affected. “

There’s no estimated time for resolution, so those of you relying on pre-paid electricity from City Power may have to do without power for a while.

How utterly embarrassing.

Last Updated: May 11, 2020

83 Comments

  1. Geoffrey Tim

    July 25, 2019 at 10:39

    I mean, I feel for the IT dudes because they are having the WORST day, just because somebody clicked through to some dodgy site taking another “Which Harry Potter character are you?” quiz – but damn, have a decent IT policy.

    Reply

    • For the Emperor!

      July 25, 2019 at 10:48

      Due to such incidents in the past, the place I work block Gmail, Youtube, Facebook, Twittter, Instagram and a whole host of other things just to “idiot proof” the network…

      Reply

    • Admiral Chief Umbra

      July 25, 2019 at 10:56

      CH IT Policy
      Page 1-5
      DO NOT ALLOW DARRYN ADMIN ACCESS ANYWHERE

      Reply

      • Geoffrey Tim

        July 25, 2019 at 11:13

        Funny story. Kervyn has admin access and one day replaced CH’s ENTIRE FRONT PAGE with a single news story.

        Reply

        • Yahtzee

          July 25, 2019 at 11:13

          So it was… *puts on sunglasses*

          … BREAKING news

          Reply

          • Admiral Chief Umbra

            July 25, 2019 at 11:21

            Lolz, ok I giggled

          • Guz

            July 25, 2019 at 11:21

            Hahaha!

          • Geoffrey Tim

            July 25, 2019 at 11:52

            Excellent.

          • Raptor Rants

            July 25, 2019 at 11:59

            Laughed too hard

          • Pariah

            July 25, 2019 at 11:59

            Side note: you were the 7th upvote on that. XD

          • Raptor Rants

            July 25, 2019 at 11:59

            Ssshhhhhhhhh

          • Admiral Chief Umbra

            July 25, 2019 at 12:13

            I saw that

    • Gavin Mannion

      July 25, 2019 at 11:13

      I’m Hermoine…

      Reply

      • Yahtzee

        July 25, 2019 at 11:13

        Moaning Myrtle for me though

        Reply

      • Raptor Rants

        July 25, 2019 at 13:15

        Snape, snape, severus snape. Snape, snape severus snape

        Reply

    • Allykhat

      July 25, 2019 at 12:59

      IT dude here. You can have the strictest IT Policy in the world. It doesn’t make a difference. One idiot clicking something they shouldn’t is all it takes.

      Reply

    • HvR

      July 25, 2019 at 10:56

      But having your critical infrastructure not isolated from your nincompoop network is also not the brightest of setups.

      Reply

      • Admiral Chief Umbra

        July 25, 2019 at 13:06

        ^^^

        Reply

      • Guz

        July 25, 2019 at 11:13

        Well this is government , look at who they had heading up SARS IT dept, miss ‘protect me from yourself

        Reply

      • Guz

        July 25, 2019 at 11:13

        Well this is government , look at who they had heading up SARS IT dept, miss ‘protect me from yourself

        Reply

    • Guz

      July 25, 2019 at 11:05

      Still boggles my mind how people are still so PC illiterate in this day and age, I mean if you work in a corporate or government job and have access to a PC you should at least be competent with it’s use.
      It’s like giving 12 year olds car keys and letting them on the highway

      Reply

      • Yahtzee

        July 25, 2019 at 11:13

        Did you just use competent and government in the same sentence?

        Reply

        • Admiral Chief Umbra

          July 25, 2019 at 11:13

          HAH

          Reply

        • Guz

          July 25, 2019 at 11:21

          ….they should be, not they are xD

          Reply

      • Raptor Rants

        July 25, 2019 at 12:20

        Look, in all fairness, I’ve seen some very legitimate ones lately. Some scary ones that mimic even internal mails and sites.

        That being said, there are some blatant ones that people still fall for and there I agree, how can you not realise?

        Reply

        • Yahtzee

          July 25, 2019 at 12:20

          I have also noticed the new ones are mimicking domains. It’s a constant fear that someone is going to do an oopsie soon.

          Reply

          • Raptor Rants

            July 25, 2019 at 12:27

            We actually got one from a supplier, from their own email server and valid email account that was so specific it mentioned a document that is being shared via onedrive… A document our guys were waiting for. It was so legit. Correct email, correct file description for the project… Everything. Had the guys not been paying attention and noticed something “off” with the OneDrive login site it would have been game over most likely.

          • Guz

            July 25, 2019 at 12:28

            o.O wow scary stuff, just from a security pov it would be quite interesting to find out how they do it, it must be 2 part some how with something more benign listing and reporting things like file names ect

          • Admiral Chief Umbra

            July 25, 2019 at 12:28

            That the one you told me about?

            Scary AF

          • Raptor Rants

            July 25, 2019 at 12:34

            Yep. Dat one

          • Guz

            July 25, 2019 at 12:28

            o.O wow scary stuff, just from a security pov it would be quite interesting to find out how they do it, it must be 2 part some how with something more benign listing and reporting things like file names ect

          • Raptor Rants

            July 25, 2019 at 12:34

            Suuuuper scary. We haven’t heard from the supplier what went down but we assume there was some form of tracking on the emails with keywords being selected and then the usual trojan on the email client to generate and pop a mail off.

            But man it was so so so legit.

  2. HvR

    July 25, 2019 at 10:48

    Get prepaid they said, it ill be easier they said, it will be cheaper they said.

    Hah, keeping my postpaid meter until they come enforce to remove it.

    Reply

  3. Admiral Chief Umbra

    July 25, 2019 at 10:56

    Masehare, THOUSANDS of people will now be affected by this.

    What a monumentous cockup

    Reply

  4. Gavin Mannion

    July 25, 2019 at 10:56

    I’m off the belief that this ransomware has the possibility of exporting data… so all of JHB payers information COULD now be public.

    Also, congrats to the DA, this never happened under the ANC’s watch

    Reply

    • Admiral Chief Umbra

      July 25, 2019 at 11:21

      The DA is just as corrupt and useless with all the infighting and fake politics

      Reply

    • HvR

      July 25, 2019 at 11:35

      The only difference between the DA and ANC is that DA steals less (or they are better at hiding it)

      Reply

      • Admiral Chief Umbra

        July 25, 2019 at 11:42

        Better at hiding it is my guess

        Reply

    • For the Emperor!

      July 25, 2019 at 12:06

      I am pretty sure the systems and infrastructure is the same. Still, the DA is just as useless as the ANC…or more. I just know they lost my vote when they moved squatters into the protected marshes behind our house and opened the way for the construction trucks to dump in said protected marshes…

      Reply

      • Gavin Mannion

        July 25, 2019 at 13:23

        systems and infrastructure could well be the same, but they now handle staffing etc and have obviously screwed it up… they made a song and dance about fixing the billing etc. It was one of their main election promises and it’s literally much much worse.

        Useless idiots

        Reply

        • HvR

          July 25, 2019 at 16:15

          I’ve been saying it for years every time somebody from Gauteng used to say “O you are so lucky you live in Cape Town because the DA runs it”

          All the DA gave us was clean annual audits and fooking high municipal bill.

          Past 2 years we have had 40 days without water; ZERO public transport.

          Why is the area where I live so nice? because we do everything ourselves, security and policing, semi-legal enforcement of the bylaws, maintaining the greenbelts and parks.

          Reply

        • For the Emperor!

          July 25, 2019 at 13:32

          “Useless idiots” – 100% agreed 🙂

          Reply

  5. Guz

    July 25, 2019 at 11:05

    Wow the level of incompetence here is staggering

    Reply

  6. Magoo

    July 25, 2019 at 11:05

    This happened to my mate’s small-time marketing firm. They did not have any other option but to pay the ransom which came to about R6000. The funniest thing is that the perpetrator was super friendly. He even did troubleshooting with them days after the incident and helped them install security features that would prevent it from happening again in the future.

    At the end of the day what they got was basically a cheap overhaul to their system that they didn’t ask for but are grateful for.

    Reply

    • Dutch Matrix

      July 25, 2019 at 11:13

      That is like getting shot in the leg. By a doctor. Who then charges you to stitch up your leg, but it’s okay because he was super friendly doing the stitching.
      Also, offsite backups??

      Reply

      • Magoo

        July 25, 2019 at 11:13

        No but then he also makes your leg bulletproof… Don’t get me wrong, fuck that guy. He deserves to be locked up. Just a funny story.

        Reply

        • Dutch Matrix

          July 25, 2019 at 11:13

          I guess.

          Reply

    • Admiral Chief Umbra

      July 25, 2019 at 11:13

      GG WP

      Reply

  7. Guz

    July 25, 2019 at 11:21

  8. Dutch Matrix

    July 25, 2019 at 11:28

    If I was a hacker, I would do tiny things.
    Like change, say, FNB’s Logoff button to say Fokoff.
    Stuff for funsies, you know.

    Reply

  9. Llama In The Rift

    July 25, 2019 at 11:35

    Doesnt matter how bad you’re day goes or is….just rejoice in the fact that you’re not elbowsarmpits deep in sewage and shit uncloging drains.

    Reply

    • HvR

      July 25, 2019 at 11:59

      Reminds me what I need to do this weekend; at least it is my own shit

      Reply

  10. Lynley James

    July 25, 2019 at 11:52

    Just tested out Standard Bank via the mobile app, should be same for online banking, and that worked fine. Not sure which vendors are affected or if they sorted it out.

    Reply

  11. Raptor Rants

    July 25, 2019 at 11:52

    I was asked today why we refuse to turn off protected view in Excel for all files by default. Coz folk don’t want to click “Enable Content”

    I replied that that is how you get a City Power situation.

    Reply

  12. Raptor Rants

    July 25, 2019 at 11:59

    Also, worst IT day ever. Stay strong my brethren. You will win. Unless you didn’t have a DR plan in place. In which case…. Good luck

    Reply

    • Magoo

      July 25, 2019 at 12:28

      “plan in place” is not exactly the kind of lifestyle choice that Shitty Power makes.

      Reply

Leave a Reply

Your email address will not be published.

Check Also

Win tickets to the JHB launch of Overwatch

Overwatch is out next week, bringing Blizzard’s much-anticipated Hero Shooter to retail – …