Joburg Residents Left in the Dark after Ransomware Attack

27 Aug

At the end of July, prepaid electricity users in Johannesburg found themselves without power and unable to buy power. So, what happened? A ransomware attack was what brought a major prepaid electricity provider to its knees.

A ransomware attack is a cyberattack that accesses essential systems and files and encrypts them. Once encrypted, the files and systems can no longer be accessed. The hackers then demand payment via Bitcoin (which is untraceable) to return the systems to normal.

The company affected, City Power, confirmed the attack via Twitter and advised its customers that the attack had compromised their entire system. The notification went on to say that this included their website server, applications, databases, and network.

The Source of the Ransomware Attack

Sources confirmed that the Ransomware was unleashed on City Power’s IT system when an employee inadvertently opened an unknown email attachment that was harbouring a malicious file. And that’s all it really takes with a Ransomware attack – one click and all of your systems could be encrypted.

The Response from City Power

The first thing that people want to know when they hear about such an attack is whether or not the ransom was paid. It appears that City Power took the mammoth task of cleaning and rebuilding their systems to restore services to their Johannesburg customers, rather than bargaining with cyber criminals.

Just two days after the attack, it seems that City Power had their systems back online, but some customers were still unable to purchase prepaid electricity. Others, were unable to log electrical faults. These issues were not resolved for several more days after the attack. While the attack happened on Wednesday 24 July, the systems were only up and running efficiently over the weekend to follow.

Impact of Ransomware Attack on City Power’s Suppliers

For City Power’s suppliers, the issue was more distressing. While customer services were restored fairly quickly, it seems that City Power couldn’t solve the problem on their supplier’s side. This affected the logging of invoices, which meant that suppliers could not be paid.

Hats off though to City Power who undertook to continue paying their bills by requesting that suppliers deliver their invoices directly to their offices for payment.

Tips for Avoiding the Same Plight

If you own a business (big or small), you don’t want to suffer the same plight as City Power. Here are a few tips to help avoid a ransomware attack:

  • Install security software and patches, and ensure that they are always up to date.
  • Never open emails, attachments, or click links from unexpected senders.
  • Avoid dodgy or suspicious websites. Set security measures to limit the websites that staff members can visit.
  • Avoid using free trials of software packages or unknown software packages.
  • Create strong passwords and insist that staff members change them regularly.
  • Limit the use of personal devices on the business network.


Don’t let your business suffer the same plight as City Power and all of its customers. Take preventative steps to protect against Ransomware now and ensure that your data is backed up to the cloud.

Comments are closed.