Texas has been hit by a major, coordinated cyberattack which has left numerous municipalities and government facilities reeling. State officials have confirmed that computer systems in 22 municipalities have been compromised by ransomware. Officials have not fully disclosed the affected targets or the hackers demands, but one city’s mayor stated that the attackers are asking for $2.5 million to unlock their files.
The Federal Bureau of Investigations and state cybersecurity experts are examining the ongoing breach, and the Texas Department of Information Resources says the evidence so far points to a single threat actor who managed to execute a very coordinated attack. Investigators have not yet identified exactly who is behind the attack.
Two of the 22 affected cities have come forward with details. Officials in Borger state that the attack has affected city business and financial operations. Birth and death certificates are not available online, and the city can’t accept utility payments from any of its 13,250 residents. Keene, outside Fort Worth, was also hit. The municipal government also reports that the attack halted their ability to process utility payments.
Threat intelligence analyst Allan Liska from the research firm Recorded Future says: “[This attack presents] a new front in the ransomware attack. It absolutely is the largest coordinated attack we’ve seen.”
Liska’s firm reports that ransomware attacks aimed at state and local government have been steadily increasing. They’ve identified at least 169 examples of hackers breaking into government computer systems since 2013. Liska adds that there have been more than 60 such attacks already this year.
These attacks almost always begin with phishing emails — seemingly innocent emails that compel a user to click a malicious link or trigger a download. Once the ransomware finds a way into a system through a careless user, there’s very little stopping it from spreading. Cybersecurity experts know that continuous cyber monitoring offers one way to identify and respond to such intrusions before they can cause damage, but many organizations and government offices turn a blind eye.
“The problem is that businesses and municipal governments see cybersecurity as a cost and not an investment. They cut corners and shop on price. This seems like a good idea until the worst happens — and then it’s their constituents that pay the price in the form of lost tax dollars and government shutdowns,” says cybersecurity consultant Don Romero.
Individuals, businesses and institutions such as hospitals have been targeted by ransomware attacks for years. With the recent attacks on state and city government, local officials are rushing to secure their computer systems, holding new training, and backing up their servers.
How is the government in your city handling this growing cybersecurity threat? We encourage people to attend a council meeting and raise this question. Let your representatives know that you expect your city and your private data to be protected from hackers.