It appears that threat actors have been working overtime in the most recent months, as new security incidents are known every day compromising the operations of major private companies or government institutions. Now, IT system audits specialists report that the most recent victim is the Texas government, which has suffered a ransomware infection that spread to at least 23 departments of the state government.
The infection began on August 16 in the morning, according to the Texas Department of Information Resources, the area in charge of investigating, containment and responding to this incident. In a recently released report, the public office mentioned, “Most of the affected areas are small government entities, such as some county management systems.” In addition, it is claimed that the attack would have been perpetrated by “one single attacker”.
No details are yet known about the territory of origin of this attack or the areas of the Texas government affected. However, IT system audits experts from the specialized platform ZDNet report that a large amount of information was infected with the ransomware, which changed the extension of the infected files to .JSE. The Texas Department of Information Resources is in collaboration with the Cybersecurity Incident Response System at Texas A&M University and the U.S. Army for attack investigation.
Reports of ransomware attacks against government institutions in the U.S. have grown significantly in recent months. Attacks usually target small towns or counties, without large cybersecurity defenses, making them more attractive targets for ransomware campaign operators. These recent events have forced local governments to accept the conditions of the attackers and pay a ransom to regain access to their information. IT system audits specialists believe this exhibits the flawed computer security policy in place in multiple governments, inviting hackers to keep deploying these attacks.
Recently, the developers of the Malwarebytes antivirus tool published a report stating that ransomware attacks are increasingly targeting companies and government organizations, leaving aside to some extent the ransomware infections targeting individuals. According to this report, reports of ransomware infections in large companies increased 360% during the second quarter of 2019 compared to the same period of the previous year. Moreover, infections reported by individual users fell by 12%.
International Institute of Cyber Security (IICS) IT system audits specialists report that ransomware remains one of the most relevant threats, regardless of whether the victims are public organizations or private companies. In addition, the success range of these attacks remains high, so hackers have the resources to continue their malicious activities.