show image

Hackers behind Texas ransomware attack demand $2.5m

The hackers behind a series of coordinated ransomware attacks on local government organisations in Texas have demanded $2.5m (£2m) to release encrypted files.

The computer systems of 22 local government entities have been locked down by the attack, which has disrupted business and financial operations across the state. Officials have been forced to stop taking payments for a range of services including utilities as they scramble to get systems back online.

Speaking to National Public Radio on Tuesday, Gary Heinrich, the mayor of Keene, Texas, revealed that “just about everything we do at City Hall is impacted”. Heinrich said the hackers behind the attacks demanded a collective ransom of $2.5m, but that his city would not be paying up.

A spokesperson for the Texas Department for Information Resources, which has been leading the response to the attack, told NPR the organisation was not aware of any of the affected cities paying the ransom. A number of federal agencies, including the FBI and Department for Homeland Security, have also been drafted in to respond to the attack.

It is believed the virus, known as .JSE because of the file extension it uses, was disseminated via a managed service provider working on behalf of a number of cities. “They got into our software provider, the guys who run our IT systems,” said Heinrich. “A lot of folks in Texas use providers to do that, because we don’t have a staff big enough to have IT in house.”

The incident is just the latest in a series of cyber attacks targeting US local government agencies. In recent months a number of cities have been hit by ransomware attacks, with several meeting the hackers’ demands. Earlier this summer, officials in Lake City in northern Florida paid out nearly $500,000 after hackers took down their email and phone network.

Liron Barak, the chief executive of security vendor BitDam, described local governments as lucrative targets for hackers: “In addition to the regular ‘hacker’s benefits’ of gaining access to customer data, an attacker who penetrates a city’s system may get access to sensitive resident information.”