A US water and sewerage company experienced a ransomware attack earlier this month, whilst it was still recovering from the effects of Hurricane Florence which hit the US East Coast in September. Despite efforts by the company to disconnect its systems from the internet in response, the Ryuk ransomware spread through the network encrypting data.
Prior to the ransomware infection, the company reportedly experienced persistent attacks from the Emotet banking Trojan, which primarily serves as a dropper for other banking Trojans.
The company has not paid the ransom and is, instead, rebuilding its databases. As a result of the infection, the company reports it was left with “limited computer systems”, which would “affect the timeliness of services for weeks to come” and necessitate resorting to manual processes for a range of functions. However, it is believed that water and wastewater services will not be affected.