August 20, 2019
Ransomware News: 23 Texas Agencies Hit with Cyberattack
A cybersecurity attack has victimized at least 23 government agencies across Texas over the weekend.
According to the Texas Department of Information Resources (DIR), the cyber attack occurred on the morning of August 16 and has been working on a 24-hour basis since then. The strain of ransomware is believed to be Nemucod which encrypts files by adding the .JSE extension. It does not include a ransom note, so victims are often unaware of what happened to their data.
The DIR is working with various agencies in response to the attack including cybersecurity experts, the military, and counter-terrorism units. Although it is currently unclear how the ransomware infection occurred, authorities believe it originates from a single actor.
Recently, we have seen similar attacks on local government in two Florida cities, Baltimore, and Atlanta. In each of these occasions, the cities did not have adequate business continuity and disaster recovery plans in place and have been hit with millions of dollars in costs.
As we have said countless times, the best way to fight ransomware is by protecting your files and systems and preventing the ransomware from claiming your company as its victim. This is done with a multilayered approach:
- Use a good quality antivirus program, and patch and update operating systems regularly
- Educate your users about ransomware and how to detect phishing and social engineering schemes
- Back up files often — and automatically. While the backup does not prevent infiltration, it does give you an out — instead of paying the ransom, you can restore to a pre-attack status
To learn more about the current landscape of ransomware and how you can avoid falling victim, check out Datto's State of the Channel Ransomware Report.