show image

Texas hit by wide-ranging ransomware attack

Texas has become the latest target in a series of cyber attacks on local government entities in the United States.

State officials revealed over the weekend that 23 local government organisations had fallen victim to a coordinated ransomware attack.

The attack began on Friday morning (16 August) and is believed to have been carried out by a single threat actor, although their identity is yet to be established.

A total of at least 10 state and federal agencies have been enlisted as part of the response to the attack, including the Texas Department of Information Resources (DIR), Military Department and Division of Emergency Management, as well as the FBI and Department for Homeland Security.

In a statement released on Saturday (17 August), the DIR said it believed all affected entities had been identified and that the majority were smaller local governments. None of the affected systems belong to the state itself.

While the DIR did not disclose any details of the attack, a source told ZDNet it had been conducted using a strain of ransomware known as .JSE because of the file extension it uses.

Liron Barak, the chief executive of security vendor BitDam, said local governments are lucrative targets for hackers. “In addition to the regular ‘hacker’s benefits’ of gaining access to customer data, an attacker who penetrates a city’s system may get access to sensitive resident information,” she said.

“Depending on the IT structure of the targeted local government, hackers can have an impact on multiple systems, beyond just customer information databases. From an attacker’s perspective, the potential in hacking a city is much higher than the potential in hacking a commercial organisation.”

The incident is just the latest in a series of cyber attacks targeting US local government. In recent months a number of cities have been hit by ransomware attacks, with several meeting the hackers’ demands. Earlier this summer, officials in Lake City in northern Florida paid out nearly $500,000 after hackers took out their email and phone network.