In context: Five years ago ransomware was a minor player in the world of cybercrime, but today it’s one of the most costly problems plaguing IT systems. Texas has become the latest state to fall prey to a coordinated attack, with 20 local government entities affected.
Another day, another ransomware attack. This year has seen some high-profile hits, with Florida paying out hundreds of thousands of dollars, and Baltimore, Maryland, also losing millions following their own troubles.
This week the state of Texas has joined the list of targets. According to Texas’s Department of Information Resources (DIR), more than 20 local government entities have been impacted by a ‘coordinated ransomware attack.’ DIR states that “the Texas Military Department, and the Texas A&M University System’s Cyberresponse and Security Operations Center teams are deploying resources to the most critically impacted jurisdictions.”
No disclosure has beeen made regarding how much of a payment is being requested, though given recent attacks on other states the amount is likely to be eye-watering. Also absent is any information on which ‘local government entities’ have been affected.
While at this point any theory about how the ransomware was delivered is simple speculation, it seems likely to be a phishing attack. Millions of people still fall prey to dodgy links and shifty emails, making life easy for criminals who send massive numbers of emails but often only need one person to make a mistake.
It also seems like the public sector and local government agencies are disproportionately affected by such attacks. One possible explanation is that tight budgets and costly upgrade procedures prevent many organizations from updating older software, thus becoming unsecured by nature. But if ransomware attacks continue to become commonplace – and evidence suggests they will – states will have to start paying proper attention to cybersecurity. Upgrades cost money, but ransomware attacks cost money, time and reputation.
It remains to be seen how Texas will respond to this crisis. Texan officials may be hoping for federal agencies like the NSA to help restore order – seeing as the NSA’s own EternalBlue code is allegedly the basis for many modern versions of ransomware.