Michigan Utility Cyber-Ransom Attack Response Totals $2.4 Million
Officials say the Lansing Board of Water & Light in Michigan paid a $25,000 ransom to unlock its internal communications systems after they were disabled in the spring by a cyberattack.
General manager Dick Peffley told the Lansing State Journal it cost about $2.4 million to respond to the emergency, including paying for the ransom and technology upgrades to prevent future attacks. He says all but $500,000 of those costs are covered by insurance. He also said paying the ransom was “distasteful and disgusting, but sadly necessary.”
Records acquired through the Freedom of Information Act by the Lansing State Journal from the utility showed it had a multi-layered “Cyber Edge” insurance policy with AIG and the Illinois National Insurance Co. at the time of the attack.
The April 25 cyberattack shut down the board’s email and accounting systems after an employee unknowingly opened an email with an infected attachment. The virus affected email, phones, computers, printers and other technology, and it took about a week for the utility to recover.
Officials said at the time of the attack that the utility service continued but a phone line to report outages was affected along with an online outage map. Peffley said redundancies and separation of its corporate computer network from the utility network allowed it to continue operations.
There is no evidence that shows customer and employee personal information was compromised by the ransomware virus, said utility officials.
- Denmark Warns That Russia May Send Warships to Escort Oil Tankers
- Florida Businessman Pleads Guilty to Rolling Back Odometers by Thousands of Miles
- Man Charged With Hiring Another to Burn Down His Home for $1.3 Million in Insurance
- Cleveland Clinic Plans New Hospital, Larger Outpatient Center in South Florida