Cybercriminals carry out a coordinated ransomware attack on Texas municipal authorities

At the end of last week, August 16, 2019, the municipal authorities of several districts in Texas immediately notified the Department of Information Resources (DIR) about problems with access to data. The reason for this was the ransomware attack that the Texas authorities were subjected.

DIR representatives are currently coordinating incident response and investigation with more than ten other government agencies in Texas and the United States, such as the Texas Department of Emergency Situations, the FBI, the Department of Homeland Security, the Texas Department of Public Security, and so on.

So far, the DIR has not disclosed the exact number of affected organizations, but it is known that the incident was a “coordinated ransomware attack”, with more than 20 victims.

“At this time, gathered evidence indicates the attacks came from one single threat actor”, – DIR officials said.

It is separately emphasized that the attacks did not affect Texas systems and networks.

According to ZDNet’s own sources, the ransomware that infected the municipal authorities ’networks encrypts the files and then adds the .JSE extension at the end. This ransomware does not have its own name, and usually it is simply called the JSE ransomware or Nemucod, by the name of the dropper delivering the malware to infected host.

Read also: After coder’s attack some areas of Johannesburg were left without electricity

However, according to another source of the publication, the Texas authorities suffered from attacks by the ransomware Sodinokibi (REvil), and not JSE. Since there is no official information on the technical aspect of what is going on, it is difficult to say which of the sources of rights.

John Bel Edwards
John Bel Edwards

“It appears all entities that were actually or potentially impacted have been identified and notified”, – DIR said. “Responders are actively working with these entities to bring their systems back online.”

It is worth reminding that ransomware attacks on the systems of small American cities have recently become a real trend among criminals.

For example, the governor of Louisiana, John Bel Edwards was forced to introduce a state of emergency in the state until August 21 this year. The reason for this was a series of coordinated ransomware attacks targeting school districts in North Louisiana.

Because of these incidents, the IT networks of three school districts were disconnected and the files were encrypted and inaccessible.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button