23 Texas local government entities have fallen victim to a ransomware attack that spread like wildfire across the state. Are you backing up your data?
It seems like not a day goes by without a major company being hacked or a government-run institution exposed to ransomware attacks, according to The Next Web.
Now, state agencies in Texas have succumbed to a ‘coordinated ransomware attack‘ that has impacted at least 23 local government entities across the state.
The Texas Department of Information Resources (DIR), which is leading the response and investigation into the incident, said the attacks started in the morning on August 16.
“The majority of these entities were smaller local governments,” the DIR said, adding evidence pointed to “one single threat actor.”
The origin of the attacks is still unknown, nor were details of the affected entities. But ZDNet, quoting a local source, said the ransomware encrypted the files and added a “.JSE” extension at the end.
“Currently, DIR, the Texas Military Department, and the Texas A&M University System’s Cyberresponse and Security Operations Center teams are deploying resources to the most critically impacted jurisdictions,” the department said.
The continuing wave of ransomware attacks
The development comes as several US cities have been crippled by a wave of ransomware attacks, with infections leading agencies to spend hundreds of thousands of dollars to recover access to systems.
While one hopes there are a proper backup system and an adequate incident response plan in place, the continuing attacks reflect on the agencies‘ poor security posture, thereby making them a lucrative target.
Statistics from Malwarebytes released early this month show that ransomware detections are increasingly shifting from consumer targets to businesses and governments, suggesting threat actors are setting their sights on public and private organizations that are ill-prepared to handle such attacks.
Ransomware detections against businesses in the second quarter of 2019 rose by a whopping 363 percent year over year, while consumer detections of ransomware declined by 12 percent year over year and 25 percent quarter over quarter, the report said.
Regardless of the type of victim and the region affected, ransomware remains at the top of the list of digital threats for businesses. As long as companies continue to pay to get their data restored, “digital kidnapping” of valuable data will be a sound business model for cybercriminals, incentivizing them to mount new attacks.
Furthermore, it’s not just about paying the ransom, as many businesses will also need to invest in upgrading their security practices following a ransomware attack. This could be avoided by setting up offline backups and isolating critical data from the main network.
Lakshmanan, Ravie. (2019, August 19). 23 state agencies across Texas succumb to a ‘coordinated ransomware attack’. The Next Web.