The WannaCry cyber attack this month impacted more than 100,000 organizations worldwide. While the National Health Service in the UK was one early and highly-publicized confirmed target of the attack, a few non-U.S. utility and energy companies as well as telecommunications service providers were cited in reporting about intrusions associated with the attack, including the largest telecommunications provider in Spain, Telefonica.
WannaCry was the one of the largest global ransomware attack to date. Ransomware is designed to disable systems and force computer users to pay ransom to regain access to their data.
U.S. utilities have been investing heavily in cyber security initiatives, and have strong traditions of combining their resources to respond quickly to emergencies. As Edison Electric Institute President Thomas R. Kuhn stated at the February 2017 EEI Wall Street Briefing, in the face of emergencies, “our industry’s mutual assistance network comes together to respond quickly. It’s a hallmark of our industry. As cybersecurity risks proliferate, the industry is organizing itself to similarly pool resources in the face of cyber incidents or attacks that exceed the capacity of individual companies to respond. In partnership with the ESCC, the industry has developed a cyber mutual assistance program. To date, more than 80 companies are participating, and we will continue to expand and to exercise the cyber mutual assistance program throughout the year.”
According to DataProtectionReport.com, energy companies and other utilities impacted by the attack included the following companies (none of which are in North America):
- West Bengal State Electricity Distribution Company: The Indian state power distribution company confirmed that WannaCry infections had been detected at four of its offices.
- Iberdrola: Spanish electric utility Iberdola reported infection after the utility shut down various systems in order to respond to the attack.
- Petrobras: State-owned Brazilian oil company Petrobras, along with Brazil’s Foreign Ministry and the social security system, reportedly turned off its computers as a precaution to respond.
- Gas Natural: Spanish natural gas firm reportedly infected; staff urged to turn off their computers.
- PetroChina gas stations: Customers were forced to pay cash at Chinese gas stations after payment systems went down.
- Telefonica: The largest Spanish telecommunications firm was the first company to report an attack. The company’s headquarters in Brazil were affected.
- Portugal Telecom: The firm acknowledged being hit by the attack but said it has managed to contain the ransomware from spreading.
- MegaFon: Largest Russian telecommunications firm MegaFon confirmed infection.
- Telenor Hungary: Hungarian telecommunications provider affected.
The EEI quote is from Delivering America’s Energy Future Electric Power Industry Outlook Edison Electric Institute Wall Street Briefing, dated Feb, 8, 2017, page 5.