A massive “denial of service” attack overwhelmed JEA’s website and online payment system with data starting around 11:30 p.m., Feb. 17, but the utility restored both its website and payment systems by approximately 9 p.m., Feb. 19.
While the attack prevented customers from using JEA online services, it did not affect any financial, operational or customer data, the utility said. As a consideration for customers, JEA said it temporarily suspended disconnections for non-payment.
JEA immediately initiated countermeasures designed to mitigate the impact of denial of service attacks, but the scale of the attack was so large that traditional approaches were ineffective, the utility said. JEA said it then engaged an additional service provider who is expert in this field. The FBI was notified. Such attacks are designed to slow down websites and create a nuisance for customers and the organization, but not to gain access to any specific data, JEA noted.
JEA said it “will continue to work with law enforcement as appropriate and work to prevent and resolve future attacks.” —ROBERT VARELA
Reposted with permission from Public Power Daily.