Expert Reaction On Pakistan’s Largest Private Power Utility Hit By Netwalker Ransomware

It has been reported that K-Electric, Pakistan’s largest private power utility, has suffered a Netwalker ransomware attack that led to the disruption of billing and online services. K-Electric serves 2.5 million customers and employs over 10 thousand people.

https://twitter.com/Stormshield/status/1303629228529852418

Experts Comments

September 09, 2020
Andrea Carcano
Co-founder and CPO
Nozomi Networks
The attack against K-Electric once again highlights a concerning trend we continue to see. Ransomware attackers are demanding higher ransoms, aimed at larger and more critical organisations, and they are now often using a two-pronged approach that combines data encryption with data theft, making it difficult for the victim to avoid paying up. Fortunately in this case it appears K-Electric’s operational networks were not impacted. When it comes to ransomware, prevention is always better.....Read More
The attack against K-Electric once again highlights a concerning trend we continue to see. Ransomware attackers are demanding higher ransoms, aimed at larger and more critical organisations, and they are now often using a two-pronged approach that combines data encryption with data theft, making it difficult for the victim to avoid paying up. Fortunately in this case it appears K-Electric’s operational networks were not impacted. When it comes to ransomware, prevention is always better than cure, and this involves organisations deploying tools that will help them immediately identify when something ambiguous is happening within the infrastructure. Applying artificial intelligence and machine learning for real-time detection and response, organisations can monitor for malware to rapidly discover and act to remove malicious code before harm is done.  Read Less
September 10, 2020
Dan Piazza
Technical Product Manager
Stealthbits Technologies
While details surrounding how K-Electric's network was compromised with the Netwalker ransomware are scarce, this attack is a perfect example of recent ransomware trends. Netwalker attacks are known to target victims using phishing emails disguised as COVID-19 updates from their organization, taking advantage of the heightened fears and anxieties that come with the current pandemic. Netwalker attacks also up the traditional ransomware ante, by threatening to publish stolen data online if the.....Read More
While details surrounding how K-Electric's network was compromised with the Netwalker ransomware are scarce, this attack is a perfect example of recent ransomware trends. Netwalker attacks are known to target victims using phishing emails disguised as COVID-19 updates from their organization, taking advantage of the heightened fears and anxieties that come with the current pandemic. Netwalker attacks also up the traditional ransomware ante, by threatening to publish stolen data online if the ransom isn't paid. This means simply reaching for a backup isn't sufficient if sensitive data has been stolen that could compromise customers, employees, or partners, and could also damage an organization's reputation and public trust. Finally, Netwalker operates as a ransomware-as-a-service (RaaS), meaning the ransomware software is sold to other users who can customize it as they please. This results in many variants of Netwalker floating around that have different goals and attack techniques. As ransomware evolves and more frequently targets the enterprise, organizations need to take care to keep security solutions updated, keep cold backups outside of the network, make sure all workstations and servers are running the latest OS and software patches, and try to reduce attack surfaces in general. Gone are the days of simply running antivirus software for proper protection; organizations need to know where all sensitive data is located, lockdown access to that data, and constantly monitor the network with real-time threat detection and response solutions.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.