Original Post from Security Affairs
Author: Pierluigi Paganini
Crooks behind the attacks against Texas governments are now demanding $2.5 million to allow victims to access encrypted data.
The attacks started in the morning of August 16 and security experts investigating the incidents believe that it was a coordinated attack carried out by a single cyber crime gang.
Initially, it was said that at least 23 local government organizations were impacted by the ransomware attacks. The Department of Information Resources (DIR) is currently still investigating them and providing supports to mitigate the attacks, anyway evidence continues to point to a single threat actor.
The State Operations Center (SOC) was the attacks were
According to the Texas Department of Information Resources (DIR) the number of impacted towns has been reduced to 22.
“As of the time of this release, responders have engaged with all twenty-two entities to assess the impact
“More than twenty-five percent of the impacted entities have transitioned from response and assessment to remediation and recovery, with a number of entities back to operations as usual.”
The city of Keene confirmed the attack and announced it is working with law enforcement to resolve a cyber incident.
Another of the towns hit by the ransomware attack, the City of Borger, confirmed that business and financial operations and services were impacted, although basic and emergency services continued to be operational.
“On the morning of August 16, 2019 the City of Borger was one of more than 20 entities in Texas that reported a ransomware attack.” reads the press release published by the City of Borger.
“Currently, Vital Statistics (birth and death certificates)
Keene Mayor Gary Heinrich told NPR the attackers are asking for $2.5 million to unlock the files.
“Well, just about everything we do at City Hall is impacted” Heinrich said.
“They got into our software provider, the guys who run our IT systems. A lot of folks in Texas use providers to do that, because we don’t have a staff big enough to have IT in house.”
In June, the Riviera Beach City agreed to pay $600,000 in ransom to decrypt its data after a ransomware-based attack hit its computer system. A few days later, Lake City also agreed to pay nearly $500,000 in ransom after a ransomware attack.
In July 2018, another Palm Beach suburb, Palm Springs, decided to pay a ransom, but it was not able to completely recover all its data.
In March 2019, computers of Jackson County, Georgia, were infected with ransomware that paralyzed the government activity until officials decided to pay a $400,000 ransom to decrypt the files.
The post Texas attackers demand $2.5 million to allow towns to access encrypted data appeared first on Security Affairs.
Go to Source
Author: Pierluigi Paganini