Texas local governments hit with coordinated ransomware attack

malware attack

A number of local government entities in Texas have been hit with a coordinated ransomware attack on Friday morning.

According to the Texas Department of Information Resources (DIR), the ransomware attack affected 23 local government entities statewide.

The DIR together with the Texas Military Department and the Texas A&M University System’s Cyber Response and Security Operations Center teams and Texas Department of Public Safety are dealing with the problem.

They are currently “deploying resources to the most critically impacted jurisdictions.  Further resources will be deployed as they are requested,” according to the DIR in a statement.

Based on the investigation of the responders, a “single threat actor” committed the coordinated ransomware attack. They investigations into the origin of the attack are ongoing. However, their current priority is response and recovery.

Responders already identified and notified the impacted local government entities and they are actively working on bringing their systems back online.

The DIR encouraged “local jurisdictions who have been impacted should contact their local TDEM Disaster District Coordinator.” The department also stressed that it is “fully committed to respond swiftly to this event and provide the necessary resources to bring these entities back online.

In addition, the DIR reminded local governments about the following cybersecurity best practices:

  • It is everyone’s responsibility to remain cyber aware and practice information safety.
  • Do not open suspicious or unexpected links or attachments in emails.
  • Hover over hyperlinks in emails to verify they are going to the anticipated site.
  • Be aware of malicious actors attempting to impersonate legitimate staff, and check the email sender name against the sender’s email address.
  • Use unique strong passwords or pass-phrases for all accounts.
  • Do not provide personal or organizational information unless you are certain of the requestor’s authority, identity, and legitimacy.
  • Alert your IT staff or supervisor if you have any concerns about the legitimacy of any email, attachment, or link.
  • Take advantage of available cybersecurity awareness training.