Update: City Power says most IT applications, networks restored

Following a ransomware attack that crippled most of its systems and Web site, City Power has said “most of the IT applications and networks that were affected by the cyber attack have been cleaned up and restored”.

It added that “work is still continuing on some systems and applications that were affected including the uploading of invoices by our suppliers, and logging faults by customers on the Web site”.

The Johannesburg power utility also assured its customers that there was no need to panic as none of their details were compromised.

“We apologise for the inconvenience caused to the people of the City of Joburg. Please be patient with us, we expect to have everything back in order by the end of Thursday,” it said in a tweet.

In addition, the entity said it had temporary measures and alternatives in place, including that suppliers who need to submit invoices can do so physically at City Power’s offices in Booysens.

It added that ransomware is a well-known scourge that is operated by syndicates around the globe who seek financial gain. “We want to assure residents of Johannesburg that City Power systems were able to proactively intercept this and managed to deal with it quickly.”

At the time of this update, City Power’s Web site remained down.

Kate Mollett, regional manager for Africa at Veeam, says ransomware attacks and other breaches are an ongoing threat and can happen to businesses in any industry and at any geographic location.

“From small start-ups all the way through to large multinationals, no company can consider itself safe – no one is ever 100% secure.”

She says while all businesses try to mitigate for both internal and external issues which may impact security, one key piece of advice that Veeam has been sharing with the industry for years is its 3-2-1 rule.

“This rule states that organisations must have at least three copies of their data, store the copies on two different types of media, and keep one backup copy offsite. By following this approach, organisations will always have an available and usable backup of their data and systems.”

"Taking preventative action is always better than being caught on the back foot and scrambling to recover, for example, educating employees on best practices and having the right system updates to protect against breaches. Offsite and offline backups not only mitigate the effects of ransomware but when combined with the right security suite and employee awareness training, can help prevent the problem altogether.

According to Mollett, the slew of ransomware attacks we have seen in recent months, illustrate how attackers will exploit every vulnerability and gap in security defences and networks.

She says downtime isn’t an IT problem only, it's the entire leadership team’s problem, and in SA there is a growing trend of hiring senior data protection officers, who are responsible for ensuring that business data is protected and available, irrespective of where it resides.