Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

‘Coordinated’ Ransomware Attack Hits 23 Towns in Texas

A ransomware attack hit 23 local government entities in Texas last week, the Texas Department of Information Resources (DIR) has revealed.

A ransomware attack hit 23 local government entities in Texas last week, the Texas Department of Information Resources (DIR) has revealed.

The attack was observed on the morning of August 16 and appears to have been launched by a single threat actor, the DIR announcement reads.

The State Operations Center (SOC) was activated soon after the attack reports started to come in, and DIR says that all of the entities that were actually or potentially affected appear to have been identified and notified.

A total of twenty-three entities have been confirmed as impacted so far, and the responders are working on bringing the affected systems back online.

While the current focus is on recovery, the responders are also investigating the origin of the attack, although no information on the threat actor behind it has been revealed so far.

“The State of Texas systems and networks have not been impacted,” DIR revealed.

DIR and numerous other agencies have deployed resources to support the affected entities, including the Texas Military Department, Texas Division of Emergency Management, the Texas A&M University System’s Security Operations Center/Critical Incident Response Team, and the Texas Department of Public Safety, among others.

While no details have been provided to date on the ransomware used as part of the attack, ZDNet suggests it could be a malware family that encrypts files and renames them with the .jse extension.

Advertisement. Scroll to continue reading.

The threat has been around for at least a year, standing out in the crowd because it does not leave a ransom note behind.

The Texas ransomware attack comes only a month after Louisiana schools were targeted in similar malware assaults, prompting Gov. John Bel Edwards to issue an emergency declaration.

Also last month, LaPorte County in Indiana reportedly paid cybercriminals over $130,000 after having its systems infected with Ryuk, a piece of ransomware that prompted Jackson County in Georgia to pay a $400,000 ransom.

Related: Louisiana Schools Suffer Cyberattacks Ahead of Year’s Start

Related: Indiana County Pays $130,000 in Response to Ransomware Attack: Reports

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Software giant Atlassian has named David Cross as its new CISO.

Dan Pagel has been named the new CEO of risk management and remediation firm Brinqa.

The City of Phoenix has promoted Mitch Kohlbecker to the role of Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.