22 Texas Cities Attacked by Ransomware Simultaneously

Hackers successfully installed ransomware on computers of 22 different, local government offices in Texas.  The state is not yet releasing the names of the cities or the data that was corrupted, but two of the municipalities announced online they had been affected.  Both cities say they cannot process utility payments at this time, and one of the cities’ birth and death certificate registry is offline.

The hacker targeted the managed service provider (MSPs) used by the local government offices.  An MSP is a third-party company who provides IT services to a business or division of government.  It is common for small local governments to outsource their IT services because they often don’t have the staff size to support an internal IT role.

The hackers are demanding $2.5 million in bitcoin to unlock the files.  Studies show that in many cases, these ransom demands are paid.  If a backup of the data is not maintained, or the hacker is able to corrupt the backup, many small local governments are faced with no other choice than to pay the ransom.

This attack is unique because of the coordination of taking down 22 cities at the same time.  Ransomware attacks on small governments are on the rise, but this is the first attack on multiple cities.

Lessons You and Your Business Can Learn from This Attack:

If you are outsourcing your IT services, make sure they are a trusted vendor who is up to date with current issues.  Quanexus maintains the CompTIA Security Trustmark+ which requires a third party to audit our policies and procedures.  Often these ransomware attacks come in the form of a phishing email.  Your employees are on the front line of defending against attacks like these.  Continued education on what employees should and should not click on while on company computers, is essential to keeping your data safe.

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business