After ransomware hits Colombian energy firm, Moody’s says low patch rate suggests inadequacies in cyber practices


A ransomware attack at top Colombian energy company Empresas Publicas de Medellin (EPM) may damage its credit quality, setting an alarm clock for the critical infrastructure industry to develop efficient mitigation practices and vulnerability management programs, Moody’s said.

EPM, one of Colombia’s largest public energy, water, and gas providers suffered from a ransomware attack reported on Dec. 13. The incident threatens operational disruptions to the Colombian utility’s website, mobile application, payment gateway, and intranet, which Moody’s said the company is struggling to resolve and therefore may impact its credit score.

“While EPM has not commented on the severity of the attack, ransomware attacks can cause operational disruptions, often resulting in costlier and slower manual workarounds for normal automated processes — a detriment to credit quality,” the rating agency said in a report published on Dec.20.

Read more…
Source: SC Media