Hackers recently infected 23 organizations that have connections to local government in Texas with ransomware.
Authorities are working with cybersecurity experts, the military, and counterterrorism units to bring systems back online.
According to the Texas Department of Information Resources, smaller local government departments were the main targets. The organization believes that all 23 attacks were carried out by the same cybercriminal.
Local governments may be an easy target for hackers because of their complex structure and the fact that they communicate with many different contractors. Hackers have used ransomware to shut down governments in a number of states this year alone.
In May, cybercriminals took over thousands of government computers in Baltimore, disabling email accounts and online payments for weeks. The city refused to pay the ransom. The city estimates that it lost $18 million as a result of the cyberattack.
In June, Riviera Beach, Florida, paid nearly $600,000 to cybercriminals following a ransomware attack, and Lake City, Florida paid hackers $500,000 after a similar attack. "Texas government organisations hit by ransomware attack" bbc.com (Aug. 19, 2019).
Most experts agree that paying a ransom will leave your organization vulnerable to more ransomware attacks. It is suggested that cybercriminals know what organizations pay ransoms, making those that pay even more of a target.
Plan now that you will not pay the ransom if your computer or network is ever locked by ransomware. Paying only encourages this type of cybercrime, and there is no guarantee that the criminals will unlock your system even if you do pay.
Planning should include routinely backing up your data to a hard drive or to the cloud that can be disconnected if there is a breach. Then, if ransomware locks your computer, you can still access any essential files from a clean computer.
Never plug your hard drive into a computer that you think could be infected with malware. Doing so could wipe out your backup. Have a plan for how you would procure a computer or other hardware to carry on any necessary activities.
If you suspect an infection from ransomware or other types of malware, immediately disconnect from the Internet to stop the flow of data.