Ransom demand rejected – GPL


The Guyana Power and Light (GPL) Inc on Wednesday experienced a cyberattack on the company’s computerised systems. The attack occurred at about 04:21h and luckily, electricity supply was not affected by this incident. But, the power company did note that a ransom was requested.
“The perpetrators of this act requested a ransom of bitcoins (digital money) to remove all encryptions from within the network. However, it should be noted that GPL Inc has not heeded to, and will not heed to, any such ransom,” the utility company asserted in a statement on Thursday.
The company said in the missive that upon identification of this cyberattack, immediate actions were taken to isolate and prevent further spread of the malware.
It noted that permanent corrective measures were taken, which included, but was not limited to, initiating an Information System quarantine.
GPL said during this period, while the company assiduously worked to restore normalcy, there were service interruptions for customers visiting its offices attempting to submit queries and new service applications since the Customer Information System was taken offline.
However, it was noted that service was incrementally restored at the power company’s commercial offices and customer call centres between Friday, February 8, and Sunday, February 10.
According to the power company, its prepaid customers were able to purchase tokens during this period as per normal.
“GPL has commenced the process of strengthening its cyberattack mitigation measures and disaster recovery planning strategies in alignment with industry best practices. It is therefore fitting, that we advise and encourage local companies with computerised systems to review their existing cyber security systems and disaster recovery plans also,” GPL implored.
The company expressed sincere appreciation to public and private entities that offered support and assistance during this period of disruption.
This is not the first time local organisations have suffered from cyberattacks. Last year, there were reports of the Finance and Public Infrastructure Ministries being attacked. In one instance, the Public Infrastructure Ministry’s website sometime in May 2018 was taken over by Egyptian hackers.
Meanwhile, back in January 2017, the Guyana Water Incorporated (GWI) was forced to called cybercrime experts from the Police Force after a malware attack.
In recent years, local authorities have taken steps to strengthen the country’s ability to defend itself against cyberattacks.
In fact, the National Assembly last July passed the Cyber Crime Bill, which covers a wide gamut of offences regarding the use of data, illegal devices, system interference, fraud, child pornography, sedition and using a computer system to coerce, harass, intimidate, humiliate, etc. a person.
Punishments range from multiple year jail sentences to fines up to $20 million for those found guilty.