At the end of last week, August 16, 2019, the municipal authorities of several districts in Texas immediately notified the Department of Information Resources (DIR) about problems with access to data. The reason for this was the ransomware attack that the Texas authorities were subjected.
DIR representatives are currently coordinating incident response and investigation with more than ten other government agencies in Texas and the United States, such as the Texas Department of Emergency Situations, the FBI, the Department of Homeland Security, the Texas Department of Public Security, and so on.
So far, the DIR has not disclosed the exact number of affected organizations, but it is known that the incident was a “coordinated ransomware attack”, with more than 20 victims.
“At this time, gathered evidence indicates the attacks came from one single threat actor”, – DIR officials said.
It is separately emphasized that the attacks did not affect Texas systems and networks.
According to ZDNet’s own sources, the ransomware that infected the municipal authorities ’networks encrypts the files and then adds the .JSE extension at the end. This ransomware does not have its own name, and usually it is simply called the JSE ransomware or Nemucod, by the name of the dropper delivering the malware to infected host.
However, according to another source of the publication, the Texas authorities suffered from attacks by the ransomware Sodinokibi (REvil), and not JSE. Since there is no official information on the technical aspect of what is going on, it is difficult to say which of the sources of rights.
“It appears all entities that were actually or potentially impacted have been identified and notified”, – DIR said. “Responders are actively working with these entities to bring their systems back online.”
It is worth reminding that ransomware attacks on the systems of small American cities have recently become a real trend among criminals.
For example, the governor of Louisiana, John Bel Edwards was forced to introduce a state of emergency in the state until August 21 this year. The reason for this was a series of coordinated ransomware attacks targeting school districts in North Louisiana.
User Review( votes)