A “Coordinated Ransomware Attack” hits 23 Texas Local Government Entities.

A new day, a new ransom… but not just one, twenty-three?

On the morning of August 16th hackers hit 23 municipalities in Texas, and events are still unfolding. For reasons of safety, the specific targets have not been named, but they are all smaller local governments. It is unsure who is behind this attack, but it’s assumed to be “one single threat actor.”

One person to twenty-three systems, what a ratio. Let’s hope they have back-up!

Fortunately, they do have the strength of the government and some heavier than normal resources to assist. Early Friday morning Texas Governor Greg Abbot ordered a “Level 2 Escalated Response” to the situation, meaning an emergency beyond the scope of local responders. It’s been several days since the start of this ransomware attack, but it seems to have grabbed national attention. The hack is being investigated by the FBI, the Department of Information Recourses (DIR), the Texas Division of Emergency Management (TDEM), Department of Homeland Security, Federal Emergency Management Agency (FEMA), and the Texas A&M University System’s Cyberresponse and Security Operations Center.

DIR has said they are “not aware” of any cities that have paid the ransom and although the investigation is ongoing, they are more concerned in response and recovery of the affected entities.

So far only two cities have openly conceded their involvement and affected operations. Borger and Keene cities are both unable to process utility payments and there is no established time-line for when business and financial systems will be restored.

This is an entirely different kind of cyber-attack.

Experts are saying “simultaneously targeting nearly two dozen cities represents a new kind of cyberassault,” not to mention this could signal similar attacks in the future, potentially putting entire states out of commission.

Cybersecurity analyst Allan Liska said this is “absolutely the largest coordinated attack” and “it may be the first time that we’ve seen a coordinated attack.” Liska also stated there has been an increase this year in cyberattacks against US city, county and state governments. In 2018 there were 54 publicly reported attacks, his firm has identified 61 so far in 2019.

And it’s only August.

We do believe the best offense is a good defense. Not to give these hackers anything to work with, no loop holes to find or system failures to wiggle their way into. It’s also best practice to continue cybersecurity training for any and all employees as these attacks tend to come from a clicked link on an email or downloaded attachment.

Luckily, DarkHound provides cybersecurity training. If we are to combat future coordinated attacks, we need to do it together.

Contact us today at [email protected]

–Emmy Seigler

Sources:

https://www.npr.org/2019/08/20/752695554/23-texas-towns-hit-with-ransomware-attack-in-new-front-of-cyberassault
https://www.bleepingcomputer.com/news/security/coordinated-ransomware-attack-in-texas-hits-23-local-governments/

Image Sources: Canva