Bekker's Blog

Blog archive

Ransomware Attack in Texas Hits 23 Government Entities

If three Florida municipalities getting hit by ransomware earlier this month sounded bad, here's a Texas-sized problem for you.

The Texas Department of Information Resources (DIR) on Friday revealed that more than 20 entities, mostly smaller local governments in the state, were impacted by a ransomware attack.

"On the morning of August 16, 2019, more than 20 entities in Texas reported a ransomware attack," the Texas DIR said in an update Saturday evening that put the total number of affected agencies at 23. State government agencies were not among those affected.

The attacks seem to be coordinated. "At this time, the evidence gathered indicates the attacks came from one single threat actor. Investigations into the origin of this attack are ongoing; however, response and recovery are the priority at this time," the updated statement said.

Officials swung into action on Friday in a response that included, in addition to the DIR, the Texas Division of Emergency Management, the Texas Military Department, the Texas A&M University System's Security Operations Center/Critical Incident Response Team, the Texas Department of Public Safety, the Texas Public Utility Commission, the U.S. Department of Homeland Security, the Federal Bureau of Investigation, the Federal Emergency Management Agency, and other federal agencies.

The ransomware incidents in Texas follow a trio of incidents in Florida in Riviera Beach, Lake City and Key Biscayne. Two of those incidents involved huge ransomware payouts -- $600,000 for Riviera Beach and $460,000 for Lake City -- most of which was covered by insurance.

It is unclear whether cities are more heavily targeted for ransomware than other types of entities. On the one hand, small and local governments often have budget struggles that result in outdated IT infrastructure, and there are many documented cases of governments falling victim to attacks. On the other hand, it's easier for a company to conceal a ransomware attack. Government agencies are more accountable to public scrutiny and less able to choose to keep an incident quiet.

Posted by Scott Bekker on 08/20/2019 at 12:38 PM


Featured

comments powered by Disqus

Subscribe on YouTube