Ransomware Attack at US Power Station

Written by

A Massachusetts power station hit by ransomware is refusing to meet attackers' financial demands.

The Reading Municipal Light Department (RMLD) was targeted on Friday by cyber-criminals hoping to extort money by encrypting data in the station's computer system. Unfortunately for them, station bosses opted to hire an outside IT consultant to help them deal with the ransomware infection instead of paying for the return of their files.

RMLD said that its IT team had been working tirelessly since Friday to identify and isolate the problem, which was believed to have been contained by yesterday afternoon. Outside help was brought in to make doubly sure that all traces of the malware had been removed.

After attackers drove the electricity provider off their website, RMLD took to Twitter earlier today to spread news of the ransomware attack.

From their account @readinglight, the company posted: "RMLD’s website, http://rmld.com, is currently unavailable due to a widespread issue our vendor is experiencing. There is no ETA for a resolution at this time. This issue is affecting multiple city and town websites in MA. Updates will be shared as they become available."

Electricity services were not interrupted by the attack, and RMLD said that the grid remains secure.

RMLD said that there were no indications that customers' financial data had been compromised as a result of the attack. Information regarding customers' bank accounts and credit cards is stored in a separate system managed by third-party provider Invoice Cloud.

Online payments remained unaffected by the ransomware attack, as they are handled by Invoice Cloud. RMLD said that prompt payment discounts will be honored despite a potential delay in the carrying over of payments from Invoice Cloud to RMLD’s billing system.

Customer data that may have been exposed in the attack includes names, addresses, email addresses, and records of how much electricity an individual has accessed. 

RMLD has not confirmed how the ransomware entered their computer system, nor has the electricity provider stated how much money was requested by the attackers.    

According to records obtained by NBC10 Boston, 1 in 6 Massachusetts communities have been targeted by ransomware and at least 10 communities have used taxpayers' money to recover encrypted data.

What’s hot on Infosecurity Magazine?