Ransomware Attack Hurts MI Utility

Wednesday, April 27, 2016 @ 11:04 AM gHale


A ransomware attack hit the corporate computer network at the Lansing Board of Water and Light (BWL) in Lansing, MI, officials said Monday.

System redundancies and separation of BWL’s corporate computer network from the utility network saved the day and allowed the organization to continue operations, said general manager Dick Peffley.

RELATED STORIES
Hack Attack Plan Thwarted
Aircraft Manufacturer Attacked
Security: Ease the Pain …
Unsupported ICS: Not an Easy Upgrade

“I’ve never seen anything of this magnitude,” he said. “We’ve had smaller problems, but nothing that’s shut the entire corporate network down like this.”

Email, phones, computers, printers and other technology on the administrative side remain shutdown, officials said.

Trent Atkins, the utility’s director of emergency management, said there’s no timeline on repairs.

“BWL was attacked by a computer virus that placed encryption software on our corporate network,” he said. “The BWL initiated our disaster response and recovery plan by isolating the virus and a self-imposed shutdown of our system.”

“And at no time was our control system infected, and there have been no threats to the production, the transmission or distribution of BWL utilities to our customers.”
— Trent Atkins, BWL director of emergency management

Lansing police ended up contacted before 7 a.m. Monday, and other state and federal law enforcement agencies have joined the ongoing investigation, he said.

Mayor Virg Bernero, who is out of the country on an economic development trip, has been in personal contact with Peffley and was fully briefed on the situation, Lansing Chief Operating Officer Chad Gamble said.

He added that the city has performed checks of its networks, which are “functioning well,” and will continue to monitor its systems.

The attack was a ransomware virus, which affects access to a computer system until the user pays a fee. BWL officials declined to comment on whether a ransom had been demanded.

“At no time was personal information breached on our network,” Atkins said. “And at no time was our control system infected, and there have been no threats to the production, the transmission or distribution of BWL utilities to our customers.”

The virus did affect the outage phone line and the online outage map. A temporary phone line and outage map have been set up. As of 6 p.m. Monday, the regular outage phone line had been restored, spokesman Steve Serkaian said, but the temporary line remained active as a precaution.

The National Weather Service said thunder, hail and high winds were possible Monday night. BWL officials said the cyber attack created no additional cause for concern with regard to maintaining or repairing utilities.

Commissioner Dennis Louney said the board learned of the virus by Peffley in an email.