At least twenty local governments in Texas are now coping with a “coordinated ransomware attack on municipality computer systems,” the Texas Department of Information Resources (DIR) reports.
Affected cities and towns are not named in the release.
A response is being coordinated by the Texas Division of Emergency Management (TDEM) through the Texas State Operations Center.
“(T)he Texas Military Department, and the Texas A&M University System’s Cyberresponse and Security Operations Center teams are deploying resources to the most critically impacted jurisdictions.”
Affected local governments are being asked to contact their TDEM Disaster District Coordinator for assistance.
The US Federal Bureau of Investigation (FBI) says, “more than 4000 ransomware attacks have occurred daily since January 1, 2016. This is a 300-percent increase over the approximately 1000 attacks per da seen in 2015.”
Ransomware attacks are often automated and deployed transnationally, either in a targeted way or in wide swath, mainly via “spearphishing” emails.
Spearphishing or “phishing” emails are designed to entice unsuspecting personnel into divulging passwords or clicking on virus-infected email attachments.
Once clicked, the links inject viruses, trojans, and other malicious software onto network systems.
The malware often penetrates very deeply into systems before locking out administrators.
Attackers then demand a ransom in cryptocurrencies to restore the system and unlock data, which they may or may not actually do once the ransom is paid.
Administrators then have to spend months clearing systems of the malware. In some case, suites of networked computer equipment have been scrapped.
Numerous American municipal IT systems have been compromised in successful ransomware exploits, including systems in Massachusetts, Maryland, Georgia, and Florida.
According to Fox News, Baltimore, “spent millions to regain access to its networks following ransomware attacks.”
As well, “in two Florida towns, hundreds of thousands of dollars were spent to obtain access to their local government networks again.”
The rise in malware attacks has coincided with the increased circulation of cryptocurrencies, which enable the paying of ransoms anonymously online.
Ransomware is also one of the most popular products for sale on the Dark Net, and it is easily deployed in the form of spam.
In targeted cases, hackers will profile targeted individuals and send custom emails designed to court an individual’s passions.
For example, one cryptocurrency exchange was reportedly hacked when attackers identified that an employee there was a super fan of dogs and sent that person an email at work regarding, “a dog show in your area.”
The victim clicked on “a link” in the email, thereby using in malware onto his or her employer’s company intranet.
Cybersecurity firms say it is imperative that employers and agencies train workers never to open attachments contained in emails from unknown senders, and to report all suspicious email to IT and security directors.