Unknown Attacs Electricity Company of Ghana (ECG)

Incident Date:

October 1, 2022

World map

Overview

Title

Unknown Attacs Electricity Company of Ghana (ECG)

Victim

Electricity Company of Ghana (ECG)

Attacker

Unknown

Location

Accra, Ghana

, Ghana

First Reported

October 1, 2022

Unknown Threat Actor Attacks Electricity Company of Ghana

An unknown threat actor has attacked the Electricity Company of Ghana (ECG). The ECG, Ghana's largest electricity seller, has experienced significant disruptions in its power supply. Reports indicate that sections of the company's systems have been hacked, leading to the inability to purchase power and extended power outages. Individuals familiar with the matter have shared this information with ghanabusinessnews.com.

Ransomware Infiltration at ECG

According to anonymous sources, who wish to remain unidentified due to concerns related to national security, the ECG project site near Kwame Nkrumah Circle in Accra has been infiltrated by ransomware. The hacker or hackers responsible have altered the source code and gained control over certain parts of the server. The sources indicate that the hackers have encrypted sections of the ECG system, rendering it non-functional. Users are now prompted to enter a code for decryption, indicating the extent of the attack's impact.

Investigating the Breach

It is currently unclear how the hackers managed to gain access to the ECG servers. The ECG reportedly works with 14 independent service providers, who usually do not have remote access to the ECG servers unless they are physically present at the site or a virtual private network (VPN) is established by the ECG for remote work. Although ECG officials have not provided specific details regarding the cyber-attack, efforts are underway to determine how the hackers gained access to the ECG servers. Understanding the point of entry is crucial in addressing the introduction of ransomware into the system.

Response and Recovery Efforts

ECG, recognized as critical infrastructure due to its importance in people's lives, is working to stabilize its district offices and restore power supply to consumers. However, the systems for third-party vendors remain unstable, according to Charles Nii Ayiku Ayiku, General Manager in charge of external communications at the ECG. He acknowledged technical challenges but did not provide specific information about hacking or system attacks. National Security and Cybersecurity officials are collaborating with the ECG to find a resolution to the ongoing crisis.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.