Lesson from South Africa's Blackout from Virus Attack
It seems this is coming home: attack on power grids. South Africa experienced one this week. This is how TC Daily summarized it:
South African electricity distribution company, City Power Johannesburg suffered a ransomware attack on Thursday. The virus blocked access to different portions of the company technological systems including its website, which is used to pay utility bills and make complaints. It is not clear how the virus got onto their system in the first place. However in the later hours on Thursday, the company acknowledged the event and disclosed that its networks and applications have since been cleaned up and restored. This is a rare case of such an attack on an African country’s power system, although it is unconfirmed if this was a targeted attack. This event reminds us of the need to secure critical infrastructure from software attacks.
Press release from the company.
Progress made following cyber attack on City Power IT system
City Power has been working to deal with a hit by a virus which has led to a black out to it's IT systems.
Tekedia Mini-MBA edition 16 (Feb 10 – May 3, 2025) opens registrations; register today for early bird discounts.
Tekedia AI in Business Masterclass opens registrations here.
Join Tekedia Capital Syndicate and invest in Africa’s finest startups here.
So far most of the IT applications and networks that were affected by the cyber attack have been cleaned up and restored.
These include the pre-paid vending system, which means that most customers will be able to access vending and buy electricity.
However work is still continuing on some systems and applications that were affected including the uploading of invoices by our suppliers, and logging faults by customers on the website. This will also affected our response time to logged calls as some of internal systems to dispatch and order material have been slowed by the impact.
The virus hit early Thursday morning compromising our database and other software's, impacting most of our applications and networks.
Among the temporary measures and alternatives City Power has created for customers include:
+ Fault logging - customers may not be able to use the website, as such they are requested to log calls on their cellphones using http://www.citypower.mobi;
+ Submitting Invoices - Suppliers seeking to submit invoices for payments should rather bring their invoices physically to City Power offices in Booysens;
+ New service connections were not affected by the cyber attack.
City Power cyber security is currently investigating the cause of this attack. Ransomware virus is known globally to be operated by syndicates seeking to solicit monies. We want to assure residents of Johannesburg that City Power systems were able to proactively intercept this and managed to deal with it quicker.
Customers should also not panic as none of their details were compromised.
We apologise for the inconvenience this has caused to the people of the City of Johannesburg.
If everything goes well we should have everything back by the end of Thursday.