Ransomware wave hits 23 towns in Texas
The attack, which has victimized mostly smaller local governments, is
thought to have been unleashed by a single threat actor
As many as 23 government organizations across Texas
are reeling from an apparently “coordinated ransomware attack”, an alert by the Texas Department of Information
Resources (DIR) reveals.
The incident occurred last Friday and for the most
part affected smaller local governments, reads the alert’s update. The attack appears to have been unleashed by “one
single threat actor”, said the agency, before adding that state‑owned systems
and networks were spared. The scope of the damage isn’t immediately clear,
however, as the DIR stopped short of disclosing much in the way of additional
details about the incident.
As a result, there’s no word on which specific
entities were hit or which ransomware strain took root in their computer
systems. Nor did the DIR say how the simultaneous attack on almost two dozen
entities transpired. Other unknowns include the attack’s perpetrator(s), the
amount of the demanded ransom, whether paying up has been weighed as an option,
and, indeed, how the recovery efforts are progressing.
(Separately, the city of Borger has disclosed that it is one of the victims, whereas
the National Public Radio has quoted a DIR spokesman as saying that
none of the affected municipalities has paid up.)
“Investigations into the origin of this attack are
ongoing; however, response and recovery are the priority at this time,” reads
the alert’s uppate.
Response teams from multiple Texan authorities as
well as from federal agencies such as the Department of Homeland Security (DHS)
and the Federal Bureau of Investigation (FBI) are all working on bringing the
affected systems back online. The situation prompted Texas Governor Greg Abbott
to order a level 2 “escalated response”, which is one step below the highest level of
alert – a level 1 “emergency.”
As shown by a recent report by threat intelligence provider Recorded
Future, ransomware attacks on state and local governments in the US have been
growing at a fast clip. Atlanta, Baltimore and two Floridian cities, for example, have all seen their municipal
systems crippled by various ransomware strains. Whereas the first two chose to
claw back their systems, Riviera Beach and Lake City decided to pay the ransoms
up front, highlighting the tough choices that ransomware victims face.
Just weeks ago, the US Conference of Mayors, which
represents more than 1,400 mayors from cities around the country, vowed not to cave in to cyber-extortionists in case their systems
are hit by ransomware.
For precautions that organizations in general can
take to defend against this type of threat, please refer to Ransomware: Expert advice on how to
keep safe and secure.
Enterprises, although not only them, may be particularly interested in our
comprehensive white paper, Ransomware: An enterprise perspective.