Onslow Water and Sewer Authority

Onslow Water and Sewer Authority (ONWASA) is a public utility providing essential water and wastewater services to residents and businesses within Onslow County, North Carolina, United States. As a local government authority, its core mission involves the treatment, distribution, and collection of water and sewage to maintain public health and environmental standards within its designated service area. The organization operates critical infrastructure that ensures a continuous supply of potable water and the safe management of wastewater, forming a foundational component of the community's daily operations and sanitation. Its services are strictly confined to its jurisdictional boundaries in Onslow County, positioning it as a key municipal service provider rather than a regional or national entity. The authority's operational focus is inherently tied to public welfare, requiring strict adherence to federal and state environmental regulations governing water quality and waste processing. This regulatory environment defines much of its daily operational priorities and compliance obligations.

The organization's operational history includes a significant cybersecurity incident in October 2018, which provides a notable case study in the vulnerability of critical community infrastructure to sophisticated attacks. Following a major hurricane, ONWASA's internal computer systems, including servers and personal machines, were compromised by a multi-stage attack beginning with Emotet malware, which subsequently deployed Ryuk ransomware. This attack severely limited the authority's internal operational capabilities for a period, forcing a reliance on manual processes and extensive reconstruction of affected databases to restore full functionality. A critical distinguishing attribute demonstrated during this event was the preservation of customer data, environmental safety systems, and the physical water supply itself; the attack was confined to administrative and business networks, not the operational technology controlling water treatment and distribution. The response involved collaboration with external cybersecurity experts alongside internal IT teams, highlighting a capacity to engage specialized resources during a crisis. This incident underscores the sector-wide challenge of securing administrative IT systems against financially motivated ransomware while maintaining uninterrupted delivery of vital public services, a balance ONWASA successfully achieved despite significant disruption to its internal business processes. The event illustrates the targeted nature of modern ransomware campaigns against public utilities and the extensive recovery efforts required to rebuild compromised digital infrastructure.