Texas Cyber Attack Has Taken 23 Government Agencies Offline

It has been reported that the Department of Information Resources (DIR) has confirmed that the state of Texas has been responding to a cyber-attack that has affected at least 23 government agencies. Details are at a minimum at the moment as the Department of Information Resources (DIR) leads the response and investigation into the attacks. Texas released a brief notification advising affected local jurisdictions to call the state’s Division of Emergency Management for assistance. The attacks started in the morning of August 16 and based on the collected evidence appear to have been conducted by a single threat actor.

The latest development to this hack is that the hacker is now demanding a collective ransom of $2.5 million. The names of all the municipalities impacted by the attack remain undisclosed, but two of them announced the hit publicly. Ransomware incidents have increased lately in the U.S., and the government sector is a frequent target. And it makes sense when more and more administrative entities decide to pay the ransom, which may get as high as half a million dollars.

Experts Comments

August 20, 2019
Corin Imai
Senior Security Advisor
DomainTools
Different forms of cybercrime go in and out of fashion according to how effective they are at any given moment. Recently, ransomware targeting smaller local government entities has proven to be a profitable endeavour, hence the rise in this type of attacks. Another element granting popularity to this type of attacks is that they are relatively low cost and easy to pull off, especially when the target isn’t a large enterprise with the resources to protect its entry points, patch regularly and .....Read More
Different forms of cybercrime go in and out of fashion according to how effective they are at any given moment. Recently, ransomware targeting smaller local government entities has proven to be a profitable endeavour, hence the rise in this type of attacks. Another element granting popularity to this type of attacks is that they are relatively low cost and easy to pull off, especially when the target isn’t a large enterprise with the resources to protect its entry points, patch regularly and train its employees on email hygiene best practices. It is important to use the coverage that these attacks are gaining on the media to promote cybersecurity awareness among local governments and SMEs, which, regardless of their size, should realise that they are still potential targets and should therefore move cybersecurity at the forefront of their agenda; sometimes, even just ensuring that employees are prepared to recognise the signs of a phishing email can be what makes the difference between having to pay a ransom and a diverted security incident.  Read Less
August 20, 2019
Liron Barak
CEO
BitDam
Attacking local governments poses great potential for hackers. In addition to the regular “hacker's benefits” of gaining access to customer data, an attacker who penetrates a city's system may get access to sensitive residents information. Depending on the IT structure of the targeted local government, hackers can have an impact on multiple systems, beyond just customer information databases. From an attacker's perspective, the potential in hacking a city is much higher than the potential.....Read More
Attacking local governments poses great potential for hackers. In addition to the regular “hacker's benefits” of gaining access to customer data, an attacker who penetrates a city's system may get access to sensitive residents information. Depending on the IT structure of the targeted local government, hackers can have an impact on multiple systems, beyond just customer information databases. From an attacker's perspective, the potential in hacking a city is much higher than the potential in hacking a commercial organisation. In addition, local governments tend to communicate with a wide variety of businesses and individuals, with many of them being one time contacts. This makes them more vulnerable to attacks, as their employees don't know most of the contacts with whom they communicate in person. Moreover, when it comes to cities in the U.S, many of them are comprised of multiple departments and units, using various technological platforms, policies, and processes. This structure may make it more difficult for the security team to protect each and every endpoint. To summarise, cities offer a great opportunity for hackers, who look for easy targets showing high potential. Therefore, it is no surprise that most of the top 25 U.S. cities have cyber-insurance or are looking to buy a policy, according to The Wall Street Journal. Cities should be more aware of the risk, train their employees and constantly update their systems with security updates and patches. They should also get familiar with the latest development in cybersecurity to ensure they are not lagging behind in this cat and mouse race of cyberattacks vs cybersecurity solutions.  Read Less
September 05, 2019
Josh Lemos
Vice President of Research & Intelligence
BlackBerry Cylance
While our data shows a decline in general purpose ransomware, targeted ransomware has become a powerful weapon against state and local municipalities who often have underfunded and understaffed information security programs. This makes them relatively soft targets for attackers who are selecting victims to maximize their probability of payment.
August 20, 2019
Javvad Malik
Security Awareness Advocate
KnowBe4
Not only have ransomware attacks been growing, but the amounts they have been demanding has been getting higher, and there has been more specific targeting of victims. Recently Florida city agreed to pay $600,000 in ransomware after being affected. So this co-ordinated attack against Texas may be as a result of seeing how cities or city departments are potentially willing to pay a ransom. For many cities, and enterprises, recovery from backups is also not a cheap option, so preventing.....Read More
Not only have ransomware attacks been growing, but the amounts they have been demanding has been getting higher, and there has been more specific targeting of victims. Recently Florida city agreed to pay $600,000 in ransomware after being affected. So this co-ordinated attack against Texas may be as a result of seeing how cities or city departments are potentially willing to pay a ransom. For many cities, and enterprises, recovery from backups is also not a cheap option, so preventing ransomware is vitally important. With many infections spreading through phishing, training users to be able to spot and report suspected attempts is the first line of defense before technical controls.  Read Less
August 20, 2019
Saryu Nayyar
CEO
Gurucul
This is the latest reminder that ransomware attacks are so common because they’re usually profitable for the attackers. Ransomware is also one of the most basic cyberattack vectors to defend against. It can be thwarted by a couple of tactics that have long been in use – patches and backups. Ransomware usually relies on human errors or known, unpatched vulnerabilities to succeed. When it does succeed, and the victim doesn’t have backups, the attacker’s extortion tactics often work......Read More
This is the latest reminder that ransomware attacks are so common because they’re usually profitable for the attackers. Ransomware is also one of the most basic cyberattack vectors to defend against. It can be thwarted by a couple of tactics that have long been in use – patches and backups. Ransomware usually relies on human errors or known, unpatched vulnerabilities to succeed. When it does succeed, and the victim doesn’t have backups, the attacker’s extortion tactics often work. Many overburdened IT departments don’t have the time or the tools to get the cybersecurity basics right. Every organisation should use two factor authentication (2FA) to block brute force attacks, perform regular backups of valuable data, deploy patches and updates immediately to stop known threats and provide each critical system with a unique and frequently updated password. From there, organisations should invest in modern cybersecurity technology with machine learning algorithms that can identify anomalous behaviours in real-time, before an attacker can strike.  Read Less
August 20, 2019
Jon Lucas
Co-director
Hyve
The news that 23 Texas government organisations have been infected with ransomware is the latest in a news cycle flooded with expensive and high-profile ransomware attacks, that increasingly features organisations in the public sector. The reality is that these attacks will keep happening until organisations take more proactive action to protect themselves. Better user education to improve the human factor in their security strategy is imperative. On top of this, they need a greater level of.....Read More
The news that 23 Texas government organisations have been infected with ransomware is the latest in a news cycle flooded with expensive and high-profile ransomware attacks, that increasingly features organisations in the public sector. The reality is that these attacks will keep happening until organisations take more proactive action to protect themselves. Better user education to improve the human factor in their security strategy is imperative. On top of this, they need a greater level of technology protection to prevent vulnerabilities from being exploited, antivirus protection should be a given, as well as on and off site backups for added security. “As cyber-crime grows ever-more sophisticated, it is crucial that all organisations address how they will prevent ransomware attacks. This is especially critical for organisations in the public sector, as they often have thousands of citizens, including the most vulnerable, dependent on their services running smoothly.  Read Less
August 22, 2019
Robert Ramsden Board
VP EMEA
Securonix
US government bodies have recently been a major target for ransomware attackers as they have been seeing huge pay outs from their attacks, with numerous governments giving into attacker demands and reportedly paying ransoms. It is therefore not surprising the attackers in this incidence are demanding such a huge amount of money – if it worked with previous government agencies, why should it work again? However, it generally is never recommended to pay ransom demands as this only fuels the.....Read More
US government bodies have recently been a major target for ransomware attackers as they have been seeing huge pay outs from their attacks, with numerous governments giving into attacker demands and reportedly paying ransoms. It is therefore not surprising the attackers in this incidence are demanding such a huge amount of money – if it worked with previous government agencies, why should it work again? However, it generally is never recommended to pay ransom demands as this only fuels the industry. Instead the best defence against ransomware is a comprehensive security program that protects against known threats and malicious intent or behaviour. Companies and governments have an obligation to protect themselves and their citizens or customers from ransomware attackers. Protecting data assets should now be considered a key component of national defence.  Read Less
August 20, 2019
Andrea Carcano
Co-founder and CPO
Nozomi Networks
This latest ransomware attack serves as a scary remind of the damage cybercriminals can inflict when they target critical infrastructure. Over the past couple of months, we have witnessed a significant rise in the number of ransomware attacks against US government services. The severity of this latest attack should act as a warning to critical infrastructure providers globally of the need to secure and protect their systems. For ransomware, prevention is always better than a cure......Read More
This latest ransomware attack serves as a scary remind of the damage cybercriminals can inflict when they target critical infrastructure. Over the past couple of months, we have witnessed a significant rise in the number of ransomware attacks against US government services. The severity of this latest attack should act as a warning to critical infrastructure providers globally of the need to secure and protect their systems. For ransomware, prevention is always better than a cure. Organisations need to invest in deploying artificial intelligence and machine learning tools to monitor for anomalies and identify cyber-attacks in real-time before they cause harm.  Read Less
August 23, 2019
Bill Conner
CEO
SonicWall
Its too easy to demand and receive ransom payment without the risks associated with traditional data ex filtration. Until organizations are serious about ransomware protection, these types of wide-reaching ransomware attacks will, unfortunately, continue. As we’ve witnessed across K-12 school districts and municipalities this summer, ransomware attacks are highly disruptive, said Conner. Today’s citizen-centric environments — networks that spread across city hall, law enforcement.....Read More
Its too easy to demand and receive ransom payment without the risks associated with traditional data ex filtration. Until organizations are serious about ransomware protection, these types of wide-reaching ransomware attacks will, unfortunately, continue. As we’ve witnessed across K-12 school districts and municipalities this summer, ransomware attacks are highly disruptive, said Conner. Today’s citizen-centric environments — networks that spread across city hall, law enforcement agencies, court houses and the DMV — can be compromised in minutes. Everyday operations are then held for ransom at high costs.  Read Less
August 20, 2019
Mike Bittner
Associate Director of Digital Security and Operations
The Media Trust
The rash of ransomware attacks on government entities has set off alarm bells among state and federal law enforcement agencies. The fact that a lone actor is said to be behind the attack on 23 entities underscores the security vulnerabilities of local government entities coupled with the growing sophistication of hackers. Moreover, it throws into question the wisdom behind some previously hacked entities’ decision to pay the ransom. The fact is, if you secure and back up your files, you.....Read More
The rash of ransomware attacks on government entities has set off alarm bells among state and federal law enforcement agencies. The fact that a lone actor is said to be behind the attack on 23 entities underscores the security vulnerabilities of local government entities coupled with the growing sophistication of hackers. Moreover, it throws into question the wisdom behind some previously hacked entities’ decision to pay the ransom. The fact is, if you secure and back up your files, you won’t have to negotiate with or pay off bad actors. And if entities refuse to pay, they’ll make these attacks less lucrative and appealing.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.