The City of Johannesburg confirmed on Twitter today that its power facility’s IT infrastructure has been hit by ransomware. Ransomware is a type of malware that infects machines and encrypts the data, in an attempt to get people who don’t back up as often as they should to cough over money – usually in the form of Bitcoin – for the encryption key.
“City Power has been hit by a Ransomware virus. it has encrypted all our databases, applications and network. Currently our ICT department is cleaning and rebuilding all impacted applications,” the power utility said on Twitter.
“Customers may not be able to visit our website and may not be able to buy electricity units until our ICT department has sorted the matter out, Customers and stakeholders will be updated as and when new information becomes available.”
As a result, customers are unable to use the City Power website. The biggest issue this is causing for many is that pre-paid electricity vendors are unable to vend, which of course means that many consumers are unable to top up their power while the City of Johannesburg sorts out its IT issues.
“The virus has affected our customers’ ability to vend, that is buying electricity, upload invoices, or access our website. It may also affect our response to some outages as the system to order and dispatch material is affected. “
There’s no estimated time for resolution, so those of you relying on pre-paid electricity from City Power may have to do without power for a while.
How utterly embarrassing.
Last Updated: May 11, 2020
Geoffrey Tim
July 25, 2019 at 10:39
I mean, I feel for the IT dudes because they are having the WORST day, just because somebody clicked through to some dodgy site taking another “Which Harry Potter character are you?” quiz – but damn, have a decent IT policy.
For the Emperor!
July 25, 2019 at 10:48
Due to such incidents in the past, the place I work block Gmail, Youtube, Facebook, Twittter, Instagram and a whole host of other things just to “idiot proof” the network…
Guz
July 25, 2019 at 11:13
Only problem we have at our company is our marketing dept “need” access and they tend to be the most easily click baited
Admiral Chief Umbra
July 25, 2019 at 11:13
We use strict firewall policies here (moderated by your’s truly and with a Nazi fist) and link scanning in sandbox on ANY email received
Guz
July 25, 2019 at 11:21
https://uploads.disquscdn.com/images/99c576773c439e59378ed9548c1f8199a2f5e7b4efbb4a9cb954da1bad8bc89d.jpg
Admiral Chief Umbra
July 25, 2019 at 10:56
CH IT Policy
Page 1-5
DO NOT ALLOW DARRYN ADMIN ACCESS ANYWHERE
Geoffrey Tim
July 25, 2019 at 11:13
Funny story. Kervyn has admin access and one day replaced CH’s ENTIRE FRONT PAGE with a single news story.
Yahtzee
July 25, 2019 at 11:13
So it was… *puts on sunglasses*
… BREAKING news
Admiral Chief Umbra
July 25, 2019 at 11:21
Lolz, ok I giggled
Guz
July 25, 2019 at 11:21
Hahaha!
Geoffrey Tim
July 25, 2019 at 11:52
Excellent.
Raptor Rants
July 25, 2019 at 11:59
Laughed too hard
Pariah
July 25, 2019 at 11:59
Side note: you were the 7th upvote on that. XD
Raptor Rants
July 25, 2019 at 11:59
Ssshhhhhhhhh
Admiral Chief Umbra
July 25, 2019 at 12:13
I saw that
Gavin Mannion
July 25, 2019 at 11:13
I’m Hermoine…
Yahtzee
July 25, 2019 at 11:13
Moaning Myrtle for me though
Raptor Rants
July 25, 2019 at 13:15
Snape, snape, severus snape. Snape, snape severus snape
Allykhat
July 25, 2019 at 12:59
IT dude here. You can have the strictest IT Policy in the world. It doesn’t make a difference. One idiot clicking something they shouldn’t is all it takes.
HvR
July 25, 2019 at 10:56
But having your critical infrastructure not isolated from your nincompoop network is also not the brightest of setups.
Admiral Chief Umbra
July 25, 2019 at 13:06
^^^
Guz
July 25, 2019 at 11:13
Well this is government , look at who they had heading up SARS IT dept, miss ‘protect me from yourself
Guz
July 25, 2019 at 11:13
Well this is government , look at who they had heading up SARS IT dept, miss ‘protect me from yourself
Guz
July 25, 2019 at 11:05
Still boggles my mind how people are still so PC illiterate in this day and age, I mean if you work in a corporate or government job and have access to a PC you should at least be competent with it’s use.
It’s like giving 12 year olds car keys and letting them on the highway
Yahtzee
July 25, 2019 at 11:13
Did you just use competent and government in the same sentence?
Admiral Chief Umbra
July 25, 2019 at 11:13
HAH
Guz
July 25, 2019 at 11:21
….they should be, not they are xD
Raptor Rants
July 25, 2019 at 12:20
Look, in all fairness, I’ve seen some very legitimate ones lately. Some scary ones that mimic even internal mails and sites.
That being said, there are some blatant ones that people still fall for and there I agree, how can you not realise?
Yahtzee
July 25, 2019 at 12:20
I have also noticed the new ones are mimicking domains. It’s a constant fear that someone is going to do an oopsie soon.
Raptor Rants
July 25, 2019 at 12:27
We actually got one from a supplier, from their own email server and valid email account that was so specific it mentioned a document that is being shared via onedrive… A document our guys were waiting for. It was so legit. Correct email, correct file description for the project… Everything. Had the guys not been paying attention and noticed something “off” with the OneDrive login site it would have been game over most likely.
Guz
July 25, 2019 at 12:28
o.O wow scary stuff, just from a security pov it would be quite interesting to find out how they do it, it must be 2 part some how with something more benign listing and reporting things like file names ect
Admiral Chief Umbra
July 25, 2019 at 12:28
That the one you told me about?
Scary AF
Raptor Rants
July 25, 2019 at 12:34
Yep. Dat one
Guz
July 25, 2019 at 12:28
o.O wow scary stuff, just from a security pov it would be quite interesting to find out how they do it, it must be 2 part some how with something more benign listing and reporting things like file names ect
Raptor Rants
July 25, 2019 at 12:34
Suuuuper scary. We haven’t heard from the supplier what went down but we assume there was some form of tracking on the emails with keywords being selected and then the usual trojan on the email client to generate and pop a mail off.
But man it was so so so legit.
HvR
July 25, 2019 at 10:48
Get prepaid they said, it ill be easier they said, it will be cheaper they said.
Hah, keeping my postpaid meter until they come enforce to remove it.
Admiral Chief Umbra
July 25, 2019 at 10:56
Masehare, THOUSANDS of people will now be affected by this.
What a monumentous cockup
Gavin Mannion
July 25, 2019 at 10:56
I’m off the belief that this ransomware has the possibility of exporting data… so all of JHB payers information COULD now be public.
Also, congrats to the DA, this never happened under the ANC’s watch
Admiral Chief Umbra
July 25, 2019 at 11:21
The DA is just as corrupt and useless with all the infighting and fake politics
HvR
July 25, 2019 at 11:35
The only difference between the DA and ANC is that DA steals less (or they are better at hiding it)
Admiral Chief Umbra
July 25, 2019 at 11:42
Better at hiding it is my guess
For the Emperor!
July 25, 2019 at 12:06
I am pretty sure the systems and infrastructure is the same. Still, the DA is just as useless as the ANC…or more. I just know they lost my vote when they moved squatters into the protected marshes behind our house and opened the way for the construction trucks to dump in said protected marshes…
Gavin Mannion
July 25, 2019 at 13:23
systems and infrastructure could well be the same, but they now handle staffing etc and have obviously screwed it up… they made a song and dance about fixing the billing etc. It was one of their main election promises and it’s literally much much worse.
Useless idiots
HvR
July 25, 2019 at 16:15
I’ve been saying it for years every time somebody from Gauteng used to say “O you are so lucky you live in Cape Town because the DA runs it”
All the DA gave us was clean annual audits and fooking high municipal bill.
Past 2 years we have had 40 days without water; ZERO public transport.
Why is the area where I live so nice? because we do everything ourselves, security and policing, semi-legal enforcement of the bylaws, maintaining the greenbelts and parks.
For the Emperor!
July 25, 2019 at 13:32
“Useless idiots” – 100% agreed 🙂
Guz
July 25, 2019 at 11:05
Wow the level of incompetence here is staggering
Magoo
July 25, 2019 at 11:05
This happened to my mate’s small-time marketing firm. They did not have any other option but to pay the ransom which came to about R6000. The funniest thing is that the perpetrator was super friendly. He even did troubleshooting with them days after the incident and helped them install security features that would prevent it from happening again in the future.
At the end of the day what they got was basically a cheap overhaul to their system that they didn’t ask for but are grateful for.
Dutch Matrix
July 25, 2019 at 11:13
That is like getting shot in the leg. By a doctor. Who then charges you to stitch up your leg, but it’s okay because he was super friendly doing the stitching.
Also, offsite backups??
Magoo
July 25, 2019 at 11:13
No but then he also makes your leg bulletproof… Don’t get me wrong, fuck that guy. He deserves to be locked up. Just a funny story.
Dutch Matrix
July 25, 2019 at 11:13
I guess.
Admiral Chief Umbra
July 25, 2019 at 11:13
GG WP
Guz
July 25, 2019 at 11:21
https://uploads.disquscdn.com/images/b0b9c2c9344f6113fd9f46e4be74799c32f077e4cfd7c56bf04ff27e9d5cd481.jpg
Dutch Matrix
July 25, 2019 at 11:28
If I was a hacker, I would do tiny things.
Like change, say, FNB’s Logoff button to say Fokoff.
Stuff for funsies, you know.
Llama In The Rift
July 25, 2019 at 11:35
Doesnt matter how bad you’re day goes or is….just rejoice in the fact that you’re not elbowsarmpits deep in sewage and shit uncloging drains.
HvR
July 25, 2019 at 11:59
Reminds me what I need to do this weekend; at least it is my own shit
Lynley James
July 25, 2019 at 11:52
Just tested out Standard Bank via the mobile app, should be same for online banking, and that worked fine. Not sure which vendors are affected or if they sorted it out.
Raptor Rants
July 25, 2019 at 11:52
I was asked today why we refuse to turn off protected view in Excel for all files by default. Coz folk don’t want to click “Enable Content”
I replied that that is how you get a City Power situation.
Raptor Rants
July 25, 2019 at 11:59
Also, worst IT day ever. Stay strong my brethren. You will win. Unless you didn’t have a DR plan in place. In which case…. Good luck
Magoo
July 25, 2019 at 12:28
“plan in place” is not exactly the kind of lifestyle choice that Shitty Power makes.