The state of Texas has come under fire from a coordinated ransomware attack affecting over 20 local authorities.
The Texas Department of Information Resources (DIR) released an updated statement over the weekend detailing its response to the attacks, which occurred on Friday morning local time.
Some 23 local government agencies were hit by the attacks – which are said to have come from the same threat actor – although state IT systems and networks are not affected.
“Investigations into the origin of this attack are ongoing; however, response and recovery are the priority at this time,” the statement noted. “It appears all entities that were actually or potentially impacted have been identified and notified.”
The Texas DIR urged computer users not to click through or open attachments on unsolicited emails, check email sender details, use unique and strong passwords on all accounts, alert supervisors about any suspicious activity, and take advantage of cybersecurity training.
Local government bodies are coming under increasing attack in the US, with cyber-criminals betting correctly that poor security practices and under-funding have left them particularly exposed to ransomware.
Over the past few months several cities in Florida have come under fire, with at least two, Lake City and Riviera Beach, choosing to pay a combined ransom of over $1m. In Texas, the city of Del Rio was hit in January, forcing public sector staff back to using pen and paper.
In Baltimore, which was also hit but refused to pay up, reports suggest the local authority may end up with a bill for as much as $18m.
Ransomware detections rocketed by 365% year-on-year in the second quarter of 2019, according to Malwarebytes. The vendor claimed in Q1 that virtually all of its detections were now related to attacks on businesses, as hackers focus their efforts on more lucrative targets.