On Saturday of last week, nearly two dozen state agencies across Texas in the U.S. reported having major computer issues. The state now believes that a single hacker is behind this crippling attack.
The Texas Department of Information Resources (DIR) said in a release on Saturday that it is overseeing the response to a “coordinated ransomware attack” on several state agencies across the U.S. state. As of Saturday, DIR knew of 23 agencies that were affected in the attack, which the department believes was likely executed by a “single threat actor.”
DIR say it is working with many organisations to bring the systems back online, including the state’s Division of Emergency Management, military department, and Public Utility Commission, as well as the Federal Bureau of Investigation’s cyber unit and Federal Emergency Management
We are leading the response to a ransomware attack on at least 20 Texas local government entities. For more information, including #ransomware facts and cybersecurity tips see our attached guides and visit our website at https://t.co/FmjRaiKKgI pic.twitter.com/1Dq88cv6XW
— Tx Dept of IR (@TexasDIR) August 17, 2019
“Currently, DIR, the Texas Military Department, and the Texas A&M University System’s Cyberresponse and Security Operations Center teams are deploying resources to the most critically impacted jurisdictions,” DIR said in a statement.
DIR would not tell Gizmodo which agencies were affected in the attack. “At this time, we’re not yet naming impacted entities so as to not make them a target for other potential bad actors,” a DIR spokesperson said in an email.
This incident is just the latest of many recent ransomware attacks on U.S. municipalities and state agencies. In June, Riviera Beach, Florida, voted to pay criminals $US600,000 ($887,269) in bitcoin to release the stranglehold the hackers gained on the city’s network after a police department worker opened an email attachment infected with malware.
Days later Lake City, Florida, paid a bitcoin ransom of $US460,000 ($680,240) to hackers that had attacked that city’s network.
In May, about 10,000 computers belonging to Baltimore’s city government were infected with RobbinHood ransomware, in an attack that is expected to cost the city millions of dollars.
Last year, the city of Atlanta was hit in a SamSam ransomware attack, for which two Iranians hackers were indicted.
As the Next Web points out in its reporting of the Texas attack, a recent report from Malwarebytes, a cybersecurity company, showed the firm has been seeing a decrease in malware attacks on consumers and an increase in attacks on government agencies and businesses.
According to its findings, ransomware detections for businesses increased 363 per cent in the second quarter of 2019.