Ransomware attack has hit 20 government agencies in Texas

[Bubbajim]

In context: Five years ago ransomware was a minor player in the world of cybercrime, but today it’s one of the most costly problems plaguing IT systems. Texas has become the latest state to fall prey to a coordinated attack, with 20 local government entities affected.

Another day, another ransomware attack. This year has seen some high-profile hits, with Florida paying out hundreds of thousands of dollars, and Baltimore, Maryland, also losing millions following their own troubles.

This week the state of Texas has joined the list of targets. According to Texas’s Department of Information Resources (DIR), more than 20 local government entities have been impacted by a ‘coordinated ransomware attack.’ DIR states that “the Texas Military Department, and the Texas A&M University System’s Cyberresponse and Security Operations Center teams are deploying resources to the most critically impacted jurisdictions.”

No disclosure has beeen made regarding how much of a payment is being requested, though given recent attacks on other states the amount is likely to be eye-watering. Also absent is any information on which ‘local government entities’ have been affected.

While at this point any theory about how the ransomware was delivered is simple speculation, it seems likely to be a phishing attack. Millions of people still fall prey to dodgy links and shifty emails, making life easy for criminals who send massive numbers of emails but often only need one person to make a mistake.

It also seems like the public sector and local government agencies are disproportionately affected by such attacks. One possible explanation is that tight budgets and costly upgrade procedures prevent many organizations from updating older software, thus becoming unsecured by nature. But if ransomware attacks continue to become commonplace – and evidence suggests they will – states will have to start paying proper attention to cybersecurity. Upgrades cost money, but ransomware attacks cost money, time and reputation.

It remains to be seen how Texas will respond to this crisis. Texan officials may be hoping for federal agencies like the NSA to help restore order – seeing as the NSA’s own EternalBlue code is allegedly the basis for many modern versions of ransomware.

Permalink to story.

https://www.techspot.com/news/81497-ransomware-attack-has-hit-20-government-agencies-texas.html

 

[Nero7]

A good day today to make an offline external backup of your precious things.
Also, never ever drop your HDD.

 

[DelJo63]

It's unlikely that a home user would be targeted, but the fundamentals of this exploit have a straight forward solution:

1. keep a current copy of your Documents\
2. if hit with ransomware, then wipe the HD
3. do a fresh install
4. and apply the backup of your Documents\

Commercially, ANY choice will take a painful amount to time to restore all those workstations.

 

[Nero7]

It's unlikely that a home user would be targeted, but the fundamentals of this exploit have a straight forward solution:

1. keep a current copy of your Documents\
2. if hit with ransomware, then wipe the HD
3. do a fresh install
4. and apply the backup of your Documents\

Commercially, ANY choice will take a painful amount to time to restore all those workstations.

Ever since that huge data leak on emails and their passwords some months ago, even some of my adresses have received threats in the spam filter from vermin claiming that they have my password and know where I was and what I did. Someone also tried to buy something on the windows store but failed.

I was lucky my security was tight it seems and after I changed all my passwords slightly I haven't gotten anymore.

Its everyone. Even in entire countries all the hospitals had all their data locked away.

 

[Bullwinkle M]

"One possible explanation is that tight budgets and costly upgrade procedures prevent many organizations from updating older software, thus becoming unsecured by nature."
---------------------------------------------------------------------------------------------------------------------------------
An even BETTER explanation for why "I" am NOT getting ransomware of any type is that I use a lot of OLDER software that does NOT run to the Internet for an update every 5 minutes, nor do I allow Java scripts, Flash, Net Framework, or Adobe's garbage from connecting and run my O.S. in Read Only mode using Driveshield (among other things)

I'm still running Windows XP-SP2 "ONLINE" without ANY Microsoft security updates and have never had a problem with ANY ransomware / rootkits or any other malware that can wreck a Windows 10 machine

A malware platform like Windows 10 cannot be secured!

That is a FACT!

Microsoft's Backdoors and dozens of components all connecting to the Internet is the problem / not the solution

Allowing 3rd party's to do the same (by default) is another problem

Preventing end users from controlling their own security and stopping this madness might be the biggest problem

Blackmail and extortion in the licensing (non)agreement is another

You are now on an endless treadmill to nowhere

Enjoy the ride Suckers!

 

[GeforcerFX]

"One possible explanation is that tight budgets and costly upgrade procedures prevent many organizations from updating older software, thus becoming unsecured by nature."
---------------------------------------------------------------------------------------------------------------------------------
An even BETTER explanation for why "I" am NOT getting ransomware of any type is that I use a lot of OLDER software that does NOT run to the Internet for an update every 5 minutes, nor do I allow Java scripts, Flash, Net Framework, or Adobe's garbage from connecting and run my O.S. in Read Only mode using Driveshield (among other things)

I'm still running Windows XP-SP2 "ONLINE" without ANY Microsoft security updates and have never had a problem with ANY ransomware / rootkits or any other malware that can wreck a Windows 10 machine

A malware platform like Windows 10 cannot be secured!

That is a FACT!

Microsoft's Backdoors and dozens of components all connecting to the Internet is the problem / not the solution

Allowing 3rd party's to do the same (by default) is another problem

Preventing end users from controlling their own security and stopping this madness might be the biggest problem

Blackmail and extortion in the licensing (non)agreement is another

You are now on an endless treadmill to nowhere

Enjoy the ride Suckers!

Your proud of running outdated software? I have been running modern windows since Vista no malware infections ever and never had a ransomware attack. You don't need a super custom version of Windows XP and some software from 2003 to avoid ransomware attacks, you just need a functioning brain.

 

[cliffordcooley]

Your proud of running outdated software? ..... you just need a functioning brain.

It doesn't matter how old the software is, if it works for them. New hardware/software does not always equate to more secure. Just look at Intel and Win10. Heck even Apple and Android new offerings are being hit. It is though as you stated requiring people to attempt avoiding attacks. But using new products is no guarantee.

 

[Jules Mark]

Just encrypt your backups HDD with a simple password. It can protect against some ransomware attacks.

 

[cliffordcooley]

Just encrypt your backups HDD with a simple password. Ransomware cannot encrypt something that is already encrypted.

Then how is this possible?
https://en.wikipedia.org/wiki/Multiple_encryption

 

[Bullwinkle M]

"One possible explanation is that tight budgets and costly upgrade procedures prevent many organizations from updating older software, thus becoming unsecured by nature."
---------------------------------------------------------------------------------------------------------------------------------
An even BETTER explanation for why "I" am NOT getting ransomware of any type is that I use a lot of OLDER software that does NOT run to the Internet for an update every 5 minutes, nor do I allow Java scripts, Flash, Net Framework, or Adobe's garbage from connecting and run my O.S. in Read Only mode using Driveshield (among other things)

I'm still running Windows XP-SP2 "ONLINE" without ANY Microsoft security updates and have never had a problem with ANY ransomware / rootkits or any other malware that can wreck a Windows 10 machine

A malware platform like Windows 10 cannot be secured!

That is a FACT!

Microsoft's Backdoors and dozens of components all connecting to the Internet is the problem / not the solution

Allowing 3rd party's to do the same (by default) is another problem

Preventing end users from controlling their own security and stopping this madness might be the biggest problem

Blackmail and extortion in the licensing (non)agreement is another

You are now on an endless treadmill to nowhere

Enjoy the ride Suckers!

Your proud of running outdated software? I have been running modern windows since Vista no malware infections ever and never had a ransomware attack. You don't need a super custom version of Windows XP and some software from 2003 to avoid ransomware attacks, you just need a functioning brain.

Yes, it is too bad the people working for local government agencies do not have functioning brains

If they DID have functioning brains, they would be proud to use "secure" software that is NEVER outdated, without fear of ransomware or other threats, even those from Microsoft

 

[DelJo63]

Ever since that huge data leak on emails and their passwords some months ago, even some of my adresses have received threats in the spam filter from vermin claiming that they have my password and know where I was and what I did. Someone also tried to buy something on the windows store but failed.

:giggling: ME TOO. The email reported a password for an account abandoned last year so who cares -- they can't login to an account that was closed.

Secondary point. The origin of the email as internal to the email service!!
So much for their vetting of employees

 

[retsxel]

A malware platform like Windows 10 cannot be secured!

That is a FACT!

That's true.

Microsoft's Backdoors and dozens of components all connecting to the Internet is the problem / not the solution

Allowing 3rd party's to do the same (by default) is another problem

Also true.

Preventing end users from controlling their own security and stopping this madness might be the biggest problem

This is easily the smartest thing I've seen you say.

Blackmail and extortion in the licensing (non)agreement is another

Plausible point.

You are now on an endless treadmill to nowhere

Enjoy the ride Suckers!

LOL!

 

[Uncle Al]

Absolutely amazing that as often as this has happened these cities and towns remain so unprepared. So how many of them used "Password" or "123456789" for their server passwords? I'm betting more than you will believe .....

 

[Aux101]

President Trump had 'promised' the creation of a super agency to combat cybercrime if I remember correctly. He's been there for almost three years now and nothing has been done that I'm aware of.

 

[lazer]

If state and city governments are hit so easily, isn't it just a matter of time until the federal government is hit. and looking forward in time, an enemy nation could possibly come into the armed forces and wreck havoc with the country's security?

 

[Markoni35]

Wanna bet it's Israel who are making that ransomware?

 

[lazer]

Wanna bet it's Israel who are making that ransomware?

OK, I'll bet you. Get your computer infected with ransomware and see where the money goes......

 

[retsxel]

President Trump had 'promised' the creation of a super agency to combat cybercrime if I remember correctly. He's been there for almost three years now and nothing has been done that I'm aware of.

Citation?