Cyber attack takes 23 government agencies offline

23 government agencies in Texas have been taken offline due to a cyber-attack, the Texas Department of Information Resources (DIR) has confirmed. The outbreak started on the morning of 16th August and an investigation has been occurring since.

The DIR won’t name any of the agencies that have been taken down in what is believed to be a ransomware attack. But a statement from the department does report that “the majority of these entities were smaller local governments,”. The statement continues to note that all those affected have been informed.

Who is responsible?

Since the attack, the Texas State Operations Centre has been working around the clock to investigate the problem and try and find who conducted the operation.

The Texas Military Department, the Department of Homeland Security, the FBI and Texas Division of Emergency Management are just a few investigators who believe that a single threat actor is responsible for the infiltration.

ZDNet suggests that the ransomware used is a strain known by some security vendors as Nemucod. Catalin Cimpanu, who writes for the online news platform says it “encrypts files and then adds the .JSE extension at the end,”. He also spoke of the actor not giving a ransom note, which leaves victims confused as to the purpose of the attack.

One of many

The US has been under a wave of cyber-attacks recently. The targets of these have included newspapers, governments, financial companies, and even schooling institutions.

Head of cybersecurity for Amtrust International, Ian Thornton-Trump, commented that these outbreaks are worrying due to the specifics that are being put into them. “I think that nation-state actors are looking at these sorts of mass-scale attacks and studying them carefully,”

Protection and prevention

To protect against cyber-attacks, the DIR statement suggests a number of solutions. It proposes that people ought to take advantage of training and they should “not open suspicious or unexpected links or attachments in emails.” As well as encouraging people to “Hover over hyperlinks in emails to verify they are going to the anticipated site.” And “Be aware of malicious actors attempting to impersonate legitimate staff, and check the email sender name against the sender’s email address.”

All efforts are being made to get the agencies back online as soon as possible.