Email attachment let ransomware into BWL

Posted at 6:55 PM, Apr 28, 2016
and last updated 2016-04-29 07:32:03-04

It's a giant headache for us in the corporate side of the company," said Lansing Board of Water and Light General Manager Dick Peffley of the cyber attack that took place at the utility Monday.

Ransomware locked out internal operations, after an employee opened an email attachment.

"They make it sound as legitimate as it can be, and some people fall for it," said Ben Berry, owner of Mac Men, a computer repair store in East Lansing.

He wasn't surprised that the BWL was hacked because he sees people come in with this kind of virus on their devices all the time.

"Ransomware will encrypt all the files, and nobody other than the person who designed the ransomware can decrypt the files," Berry said.

It holds documents, or in this case the BWL's internal server hostage until the owner pays a ransom.

"$250 is usually what we see that they ask for," Berry said, although he mentioned he had one customer who was taken for more than three thousand dollars.

So for companies, it can be a lot bigger. The Board of Water and Light would not confirm the ransom amount to Fox 47 News because law enforcement like D/Lt. Jay Poupard from the Michigan State Police Cyber Crime Unit are still investigating.

"It can be very dangerous for companies," D/Lt. Poupard said, including that ransomware is getting more and more common across the country.

"It's getting some deserved attention in the U.S. because there are more similar events that are occurring," D/Lt. Poupard said.

He's not surprised that the BWL is still down, because the malware can change every few hours.

"New versions of these tools can be engineered every day so an anti-virus company may be battling one flavor of that malicious software one day, and within the next 24 hours, it could have changed two or three or four times," D/Lt. Poupard said.

So he's warning people to back up their files, because with one click they could be held ransom.

Stay with Fox 47 News for updates on the cyber attack at the Lansing Board of Water and Light.