Texas is working to recover from ransomware attack on 22 government targets

by



[ad_1]

"The evidence continues to highlight a single threatening actor," said Elliott Sprehe of the Texas Information Resources Department, who coordinates the state's response to the attack, said Tuesday. in a statement. The agency declined to share speculation about who could be responsible, citing an ongoing federal investigation. The FBI and the Department of Homeland Security help with the response.

Ransomware is most often a tactic allowing hackers to easily earn money. This works by encrypting the victim's computer and then demanding a payment – often in bitcoins – to unlock it. Ransomware writers are rarely caught, although the FBI has indicated that it is tracking suspects pending their move to a country capable of extraditing to the United States.

"We've never seen this type of coordinated ransomware attack against municipalities." We've seen attackers attack local governments, but sequentially, "said Allan Liska, who follows ransomware attacks for the Recorded Future cybersecurity firm. "But nothing too organized and certainly nothing so effective."

The Texas state government refused to name what sort of ransomware it was or to name the victims, except to say that "the majority of these entities were smaller local governments".

But at least two of them have since emerged: the towns of Borger and Keene.

In Borger, residents can not access birth or death certificates or pay utility bills, the city said in a press release. Emergency services are still operational, said city spokeswoman Marisa Montoya.

The ransomware attacks reported against US cities and local governments have been on the rise since 2017, although the number of generic attacks has weakened during this period. Although most victims are smaller cities and counties, cities like Albany, New York and Baltimore have been affected this year. Small governments set particularly ambitious goals because they often have under-funded IT staff and provide essential services, which makes them pay.

The Texas attacks hit the morning of August 16th.

The damage does not seem to be as important as it could have been, Liska said, in part because Texas has created a system in which local officials know who to contact during any such event.

"Texas spent a lot of time and money in centralizing the incident response, so the security and information people in those cities knew who to call immediately," he said. told CNN. "If that happened in another state without that infrastructure or in several cities of different states simultaneously, the damage could have been much more serious."

[ad_2]

Source link