K-Electric struck by ‘ransomware’

Published September 10, 2020
Word of the hack was already in widespread circulation by the time the utility officially acknowledged it. — KE website/File
Word of the hack was already in widespread circulation by the time the utility officially acknowledged it. — KE website/File

KARACHI: K-Electric on Wednesday said it experienced an attempted cyber-incident earlier this week. “The KE teams have initiated consultation with international information security experts and are also collaborating with local authorities in this regard,” the company said in a statement.

The admission came days after customers across the city complained that they were unable to lodge power outage and technical fault complaints using 118 helpline, 8119 SMS service and KE Live App or check the company’s website for duplicate bills.

On Tuesday, KE had issued a statement telling customers to expect disruptions to some online services but made no mention of the “cyber-incident”.

Hacked

“All critical customer services including bill payment solutions and 118 call-centre are operational and fully functional, to ensure the integrity of our systems, as a precautionary measure, we have isolated few non-critical services.

Some services frozen but power supply unaffected; hackers demand $3.8m ransom to unfreeze

As such customers may experience some disruption in accessing duplicate bills from the KE website,” the statement released on Wednesday said.

Word of the hack was already in widespread circulation by the time the utility officially acknowledged it. An information security and technology news publication ‘BleepingComputer’ published a story on Tuesday with the headline ‘Pakistan’s largest private electricity provider, K-Electric, hit by Netwalker ransomware’.

Ransomware is a relatively recent form of hacking in which the attackers insert malicious code into a computer that encrypts all the data in the system. They then demand payment via online platforms in return for providing the decryption key.

The report said that Netwalker is demanding $3.8 million ransom and if payment is not made in seven days, the ransom will increase to $7m.

BleepingComputer is a partner in the No More Ransom Project which was started in 2016 as an alliance between Europol’s European Cybercrime Centre, the National High Tech Crime Unit of the Netherlands police, and McAfee in order to battle ransomware.

When reached out, the report’s author, Lawrence Abrams told Dawn, “it is not known how much or what files were stolen before encrypting K-Electric’s systems.” His report says the attack seems to have happened on Monday.

“As K-Electric is exhibiting actual disruptions to their online services and billing, my guess is that they had at least some devices encrypted.”

What’s at risk?

Though KE has not shared details of the attempted hack and adds that it is following cybersecurity protocols, concerns remain on whether any data was leaked, and if so whether it was encrypted.

Tech experts say that currently, there is no redressal mechanism in the country for such data breaches — that have happened in the past as well — leaving consumers at a greater risk.

“When a data breach happens, it is worth asking if the data encrypted and what has been leaked,” said Shahzad Ahmed, director Bytes For All — NGO that works on technology and human rights.

The draft Pakistan data protection bill is there but it does not offer adequate protection of citizens in case of data breaches, he added.

KE has access to consumers’ names, addresses, CNIC and NTN numbers — information that is also published on bills — some more if you pay bills online.

“Financial data is linked to your CNIC (including with bank accounts, credit card). Many consumers pay their bills online. This is sensitive information. NIC details can reveal date of birth, your mother’s name (in records) and place of birth. This makes you more vulnerable. If any point hackers [in any data breach] are not given ransom, they can sell this to dark web and this can have repercussions.”

Published in Dawn, September 10th, 2020

Follow Dawn Business on Twitter, LinkedIn, Instagram and Facebook for insights on business, finance and tech from Pakistan and across the world.

Opinion

Editorial

High cost of living
Updated 04 Oct, 2024

High cost of living

There will be no let-up in the pain of middle-class people when it comes to grocery expenses, school fees, and hospital bills.
Regional response
04 Oct, 2024

Regional response

IT is welcome that Afghanistan’s neighbours are speaking with one voice when it comes to the critical issue of...
Cultural conservation
04 Oct, 2024

Cultural conservation

THE Sindh government’s recent move to declare the Sayad Hashmi Reference Library as a protected heritage site is...
Judicial infighting
03 Oct, 2024

Judicial infighting

As other state institutions grow more assertive, continued failure to present a united front will increasingly endanger SC's authority.
Iranian salvo
Updated 03 Oct, 2024

Iranian salvo

With the US and UK egging on Israel, instead of reining in their rabid ally, it is difficult to foresee a negotiated denouement of this conflict.
Chance to play well
03 Oct, 2024

Chance to play well

THE announcement came without warning very late on Tuesday night. Merely six months since his reappointment and 11...