Colorado Energy Company DMEA Loses 25 Years Of Data After Cyberattack

According to reports, Colorado’s Delta-Montrose Electric Association (DMEA) is still struggling to recover from a devastating cyberattack last month that took down 90% of its internal systems and caused 25 years of historic data to be lost. In an update sent to customers this week, the company said it expects to be able to begin accepting payments through its SmartHub platform and other payment kiosks during the week of December 6. DMEA did not use the term “ransomware” but said much of their data had been corrupted while phone and email services were down for weeks.

Expert Comments

December 06, 2021
Trevor Morgan
Product Manager
comforte AG

Looking at the attack that wreaked havoc on data operations and the network infrastructure at Delta-Montrose Electric Association (DMEA), we should be mindful of the fact that some threat actors initiate cyber-attacks simply for the chaos they sow. Of course, ransomware attacks depend on spreading as much confusion and fear as possible to disrupt operations and force the targeted organization into a desperate mindset. We saw a similar situation with the Colonial Pipeline incident earlier this year, though that was more clearly a ransomware attack. However, in this case the DMEA’s comments don’t mention ransomware or ransoms specifically.

If you’re trying to take away a “lesson learned” from this incident, does it really matter what threat actors’ ultimate goals were, whether financial gain, pure chaos, weaponizing sensitive information, or all of the above? Assume that if your organization is targeted, hackers will go after your most sensitive data first and foremost. They will try to bring down the operational environment and disrupt your business as much as possible. The answer is vigilance and adopting the assumption that you are next. Protect your enterprise data not just with enhanced perimeter security but with data-centric security such as tokenization applied directly to that data. Beef up your disaster recovery plan and capabilities. Institute a stronger culture of cybersecurity within your organization that values care and caution over speed and velocity of operation (considering that social engineering tricks are a prime vector of attack), and lastly reduce any implicit trust of an entity or user based on location within the network down to zero: challenge, verify, and challenge again.

While it may take a lot of energy for your organization to stay prepared, the alternative could be a complete blackout of your operations.
