Unknown Threat Actor Attacks Electricity Company of Ghana

An unknown threat actor has attacked the Electricity Company of Ghana (ECG). The ECG, Ghana's largest electricity seller, has experienced significant disruptions in its power supply. Reports indicate that sections of the company's systems have been hacked, leading to the inability to purchase power and extended power outages. Individuals familiar with the matter have shared this information with ghanabusinessnews.com.

Ransomware Infiltration at ECG

According to anonymous sources, who wish to remain unidentified due to concerns related to national security, the ECG project site near Kwame Nkrumah Circle in Accra has been infiltrated by ransomware. The hacker or hackers responsible have altered the source code and gained control over certain parts of the server. The sources indicate that the hackers have encrypted sections of the ECG system, rendering it non-functional. Users are now prompted to enter a code for decryption, indicating the extent of the attack's impact.

Investigating the Breach

It is currently unclear how the hackers managed to gain access to the ECG servers. The ECG reportedly works with 14 independent service providers, who usually do not have remote access to the ECG servers unless they are physically present at the site or a virtual private network (VPN) is established by the ECG for remote work. Although ECG officials have not provided specific details regarding the cyber-attack, efforts are underway to determine how the hackers gained access to the ECG servers. Understanding the point of entry is crucial in addressing the introduction of ransomware into the system.

Response and Recovery Efforts

ECG, recognized as critical infrastructure due to its importance in people's lives, is working to stabilize its district offices and restore power supply to consumers. However, the systems for third-party vendors remain unstable, according to Charles Nii Ayiku Ayiku, General Manager in charge of external communications at the ECG. He acknowledged technical challenges but did not provide specific information about hacking or system attacks. National Security and Cybersecurity officials are collaborating with the ECG to find a resolution to the ongoing crisis.