fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Netwalker Ransomware Hits Pakistan’s Largest Private Power Utility

Netwalker Ransomware Hits Pakistan’s Largest Private Power Utility

K-Electric

K-Electric, the sole electricity provider for Karachi, Pakistan, has suffered a Netwalker ransomware attack that led to the disruption of billing and online services.

K-Electric is Pakistan’s largest power supplier, serving 2.5 million customers and employing over 10 thousand people.

Starting yesterday, K-Electric customers have been unable to access the online services for their account.

To resolve this issue, K-Electric appears to be trying to reroute users through a staging site, but are currently having difficulties.

Errors accessing account
Errors accessing account

Ransomware researcher Ransom Leaks, who told BleepingComputer about this attack, was tipped off by a local Pakistani security company that this attack is impacting K-Electric internal services.

According Rewterz, the cyberattack occurred on the morning of September 7th and is disrupting K-Electric’s online billing services and not the supply of power.

BleepingComputer has emailed K-Electric about this attack but has not heard back.

Also read: 10 Government Data Leaks In Singapore: Prevent Cybersecurity

Netwalker is demanding a $3.8 million ransom

After being told about this attack, BleepingComputer has learned from cybersecurity sources who wish to remain anonymous that the Netwalker ransomware attacked K-Electric.

In a Tor payment page seen by BleepingComputer, the ransomware operators demand a $3,850,000 ransom payment. If a ransom is not paid within another seven days, the ransom will increase to $7.7 million.

Tor payment page for K-Electric
Tor payment page for K-Electric

The Tor payment site also includes a ‘Stolen data’ page that states the Netwalker operator stole unencrypted files from K-Electric before performing the attack. This page does not reveal how much or what data was stolen.

Tor stolen data page for K-Electric
Tor stolen data page for K-Electric

Since the summer of 2019, Netwalker has been actively infecting victims. It wasn’t until March 2020, when the threat actors began recruiting skilled hackers and focusing entirely on enterprise networks, that we began to see widespread attacks.

According to a report by McAfee, this change in tactics has led to the ransomware gang earning $25 million in just five months.

Recent Netwalker attacks include Argentina’s immigration officesUS government agencies, and the University of California San Francisco (UCSF), who paid a $1.14 million ransom.

Also read: PDPA For Companies: Compliance Guide For Singapore Business

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us