It seems like not a day goes by without a major company being hacked or a government-run institution exposed to ransomware attacks.
Now, state agencies in Texas have succumbed to a ‘coordinated ransomware attack‘ that has impacted at least 23 local government entities across the state.
The Texas Department of Information Resources (DIR), which is leading the response and investigation into the incident, said the attacks started in the morning on August 16.
“The majority of these entities were smaller local governments,” the DIR said, adding evidence pointed to “one single threat actor.”
The origin of the attacks is still unknown, nor were details of the affected entities. But ZDNet, quoting a local source, said the ransomware encrypted the files and added a “.JSE” extension at the end.
“Currently, DIR, the Texas Military Department, and the Texas A&M University System’s Cyberresponse and Security Operations Center teams are deploying resources to the most critically impacted jurisdictions,” the department said.
The continuing wave of ransomware attacks
The development comes as several US cities have been crippled by a wave of ransomware attacks, with infections leading agencies to spend hundreds of thousands of dollars to recover access to systems.
While one hopes there is a proper backup system and an adequate incident response plan in place, the continuing attacks reflects on the agencies‘ poor security posture, thereby making them a lucrative target.
Statistics from Malwarebytes released early this month show that ransomware detections are increasingly shifting from consumer targets to businesses and governments, suggesting threat actors are setting their sights on public and private organizations that are ill-prepared to handle such attacks.