Coordinated Hacker Attack on Texas Municipal Goverment

Coordinated Hacker Attack on Texas Municipal Goverment

At the end of last week, August 16, 2019, the municipal authorities of several districts in Texas immediately notified the Department of Information Resources (DIR) about problems with access to data.

Currently, DIR representatives coordinate incident response and investigation with more than ten other government agencies in Texas and the United States, such as the Texas Department of Emergency Situations, the FBI, the Department of Homeland Security, the Texas Department of Public Security, and so on.

So far, the DIR has not disclosed the exact number of affected organizations, but it is known that the incident was a “coordinated ransomware attack”, with more than 20 victims, and all the attacks were committed by the same criminal. It is emphasized separately that the attacks did not affect Texas systems and networks.

According to ZDNet’s own sources, the ransomware that infected the municipal authorities ’networks encrypts the files and then adds the .JSE extension at the end. This ransomware does not have its own name, and usually it is simply called the JSE ransomware or Nemucod, by the name of the dropper delivering the malware to infected hosts.

But according to another source of the publication, the Texas authorities suffered from attacks by the ransomware Sodinokibi (REvil), and not JSE. Since there is no official information on the technical aspect of what is happening, it is difficult to say which of the sources of rights.

Let me remind you that extortion attacks on the systems of small American cities have recently become a real trend among criminals. For example, the governor of Louisiana, John Bel Edwards (John Bel Edwards) and was forced to introduce a state of emergency in the state until August 21 this year. The reason for this was a series of coordinated extortion attacks targeting school districts in North Louisiana. As a result of these incidents, the IT networks of three school districts were disconnected and the files were encrypted and inaccessible.

Protect yourself from cybercrimes and keep your data safe – use RusVPN on your devices now!