KE under ‘ransomware’ attack, demands $38 mln

From Zeeshan Mirza

KARACHI: Hackers on Thursday have demanded $38 million from Karachi-Electric’s (KE) administration to restore its hacked system. The hacking event on the KE portal was reported on Sept 7, according to which its IT department had halted internal communication and links with banks, causing problems for the city’s sole electric supplier.
According to KE, customers may experience some disruption in accessing duplicate bills from the KE website, however, all the call centres are operational for any correspondence. The hackers have given a deadline of September 15 to K-Electric to pay the amount else the amount for the restoration of the portal would be double.
According to K-Electric, the hackers have claimed to have important documents of the customers and other sensitive information. The KE teams have initiated consultation with international information security experts and are also collaborating with local authorities for restoration of its system, the statement of KE read. It was reported that K-Electric could not issue electricity bills to its consumers in various region as its billing system became non-functional after the attack.
“All critical customer services including bill payment solutions and 118 call-centre are operational and fully functional, to ensure the integrity of our systems, as a precautionary measure, we have isolated few non-critical services. As such customers may experience some disruption in accessing duplicate bills from the KE website,” the statement released on Wednesday said.
Word of the hack was already in widespread circulation by the time the utility officially acknowledged it. An information security and technology news publication ‘BleepingComputer’ published a story on Tuesday with the headline ‘Pakistan’s largest private electricity provider, K-Electric, hit by Netwalker ransomware’.
Ransomware is a relatively recent form of hacking in which the attackers insert malicious code into a computer that encrypts all the data in the system. They then demand payment via online platforms in return for providing the decryption key.
The report said that Netwalker is demanding $3.8 million ransom and if payment is not made in seven days, the ransom will increase to $7m. BleepingComputer is a partner in the No More Ransom Project which was started in 2016 as an alliance between Europol’s European Cybercrime Centre, the National High Tech Crime Unit of the Netherlands police, and McAfee in order to battle ransomware. When reached out, the report’s author, Lawrence Abrams told media, “it is not known how much or what files were stolen before encrypting K-Electric’s systems.” His report says the attack seems to have happened on Monday.
“As K-Electric is exhibiting actual disruptions to their online services and billing, my guess is that they had at least some devices encrypted.”