23 Texas Towns Hit With Ransomware Attack In 'New Front' Of Cyberassault
Source: NPR
Texas is the latest state to be hit with a cyberattack, with state officials confirming this week that computer systems in 23 municipalities have been infiltrated by hackers demanding a ransom.
The Federal Bureau of Investigation and state cybersecurity experts are examining the ongoing breach, which began Friday morning and has affected mostly smaller local governments. Officials have not disclosed which specific places are affected.
Investigators have also not yet identified who or what is behind the attack that took the systems offline, but the Texas Department of Information Resources says the evidence so far points to "one single threat actor."
Elliott Sprehe, a spokesman for the department, said he was "not aware" of any of the cities having paid the undisclosed ransom sought by hackers. He said the areas impacted are predominantly rural.
<more>
Read more: https://www.npr.org/2019/08/20/752695554/23-texas-towns-hit-with-ransomware-attack-in-new-front-of-cyberassault
ancianita
(35,932 posts)Like Atlanta, they either make the upfront high cost investment or pay more in ransom in the long run.
The FBI has its hands full. It has confirmed that 1,493 ransomware attacks were reported last year, for a total of $3.6 million being paid to hackersabout $2,400 per attack.
bluedigger
(17,085 posts)All the assessor's tax info in particular.
ancianita
(35,932 posts)SpankMe
(2,956 posts)We've been hit by it. It's devastating.
bluedigger
(17,085 posts)With some luck, both. I expect this just shot up to the top of the FBI's priorities.
in2herbs
(2,944 posts)election?
ancianita
(35,932 posts)BamaRefugee
(3,483 posts)FakeNoose
(32,579 posts)Okay, all I have are my couple of computers. But I have BitDefender, which is supposed to protect against that. I would guess that there are more powerful firewalls for the sorts of systems being attacked. If they were in place, why didn't they work. And if they weren't, why?
I read online the other day that a non-profit tech group - can't remember the name - that has tools to identify and in some cases resolve the problem. At the very least, the tools help narrow down the details on the attack.
And, third, if they were properly backed up, the data isn't lost, and insurance will pick up the tab for new computers. And if not, why not?
Igel
(35,274 posts)At least some of these kinds of take-over attacks result from phishing. It's what nailed the DNC in summer 2016, and what didn't nail hundreds or thousands of other organizations who received the same spear-phish attack at the same time.
You're sent email. "Somebody has tried to access your ______ account." Perhaps cell phone, perhaps Google drive, perhaps your Ebay or Amazon account. It's a case of "fill in phish-bait here." Recently I've been spammed with fake Fedex deliveries, USPS information, and Google account mail.
Cursor over it and often at the bottom you'll see link addresses like "screwyoubitch.ru" or "youreasucker.ru". Sometimes random stuff, "4k3hjgf0239.tv" or "38cjdhhheii.ch".
Click, and you've granted permission for a lot of things to attack your computer. What, exactly, depends on your software, your config settings, and how nasty the malware is. How far-reaching the damage is also depends on your system and their malware. It may just knock out your computer; it may propagate through the system and take out computers or perhaps the server.
Where I work has entire country domains blocked.
Jokerman
(3,518 posts)There you go.
All the firewalls and security in the world won't help you when you give the keys to a third party and they don't keep them secure.
My money is on someone inside the provider either fucked up or is complicit.
"A lot of folks in Texas use providers to do that, because we don't have a staff big enough to have IT in house."