In brief
- Hackers have compromised the billing systems of Pakistan's biggest electricity producer.
- They demanded $3.8 million in ransom, which increases to $7.7 million if not paid soon.
- Enterprise ransomware attacks have cost firms over $25 million this year.
K-Electric, the biggest power producer in Pakistan and the sole provider in the city of Karachi, suffered a ransomware attack this week with hackers demanding over $7 million in Bitcoin to restore its services, according to cybersecurity site Bleeping Computer.
The firm services over 2.5 million customers in the country and faced a disruption in billing and online payment services after the attack. The attack was discovered by K-Electric engineers on September 7, but the supply of electricity in the city was not affected.
As per the report, hackers utilized a “NetWalker” attack to compromise the company—a virus strain discovered in 2019 that infects popular software applications running on Microsoft Windows, such as Office, Word, and Excel. Once deployed, NetWalker encrypts data on victim computers and disables file access until a ransom is paid out.
Huge US travel company pays hackers $4.5 million Bitcoin ransom
Per Reuters, travel management firm CWT, which pulls in annual revenues of $1.5 billion, paid anonymous hackers 414 bitcoin this week in response to a ransomware attack that led to the theft of piles of company documents and left tens of thousands of company devices offline. The attackers used a ransomware technology known as Ragnar to encrypt company files, rendering them inaccessible to the company’s employees, according to documents seen by Reuters. CWT paid the ransom on July 28 to decrypt...
Hackers followed the same steps with K-Electric. After infecting the electricity firm, they demanded a $3.8 million ransom to be paid in Bitcoin through the anonymous browser Tor.
The hackers added in a message to the company, “If there is no payment made by September 15, the price increases by two times and will be $7.7 million.”
The same message noted the hackers operator stole unencrypted files from K-Electric before performing the attack. However, it did not reveal the exact type of data they stole or the total amount of files stolen.
"The KE teams have initiated consultation with international information security experts and are also collaborating with local authorities in this regard," K-Electric told Decrypt, in a statement.
The attack comes in quick succession after Argentinean border forces suffered from the same NetWalker virus earlier this week. Hackers demanded $4 million in that instance, but the Argentinean authorities refused to pay.
Hackers Shut Argentina Borders with $4 Million Bitcoin Ransom Demand
Argentina’s immigration agency, Dirección Nacional de Migraciones (DNM), was the victim of a ransomware attack that temporarily halted border crossings, with hackers demanding $4 million in Bitcoin. The attack was first reported by the Argentinean government on August 27 to the country’s cybercrime agency, after multiple calls from border checkpoints suggested their computer networks were compromised, according to security news site Bleeping Computer. Border authorities found that their compute...
Enterprise ransomware like NetWalker—which targets companies instead of individuals—is a growing threat in the world, accounting for over $25 million in ransom earnings for hackers as per the report.
And it’s something blockchain can’t just fix.
