In what looks like a highly coordinated cyberattack, approximately 23 cities and government agencies in Texas have been hit by hackers who held the captured computer systems ransom, Texas authorities said this week.
The ransomware incidents are yet another reminder that American cities are ill equipped to defend themselves in cyberspace. A May 2019 study found over 169 instances of ransomware infecting state and local governments since 2013.
Same but different
Dozens of US cities have been hit by ransomware this year. What makes the Texas attacks unique is the size and coordination of these attacks.
State authorities say that one single actor is likely responsible for all the incidents. If true, this is unlike any hacking campaign seen before.
The malware used in the attack was reported to be Sodinokibi according to ZDNet. The creators reportedly pulled in over $2 billion in payments as they become one of the dominant ransomware operations online before shutting down their operation in June in what the malware creators called “a well-deserved retirement”.
StateScoop reported that the malware used in Texas may be the “Ryuk” ransomware, a strain that’s been found in a host of recent ransomware infections of American cities.
A national problem
In the last five years, it’s become common place for American cities to get hit with ransomware. Baltimore was infected this year at a recovery cost of $10 million. A small Florida City paid $460,000 in ransom after an infection in June.
The Texas city of Boger is the only one so far to publicly say it was a victim of this latest wave of attacks. The state and other towns are otherwise keeping quiet. A Texas official told NPR that he was “not aware“ of any cities paying the ransomware fees this time around.
Who pays?
That May 2019 study of ransomware by the cybersecurity firm Recorded Future found that about 17% of state and local governments hit with ransomware end up paying the ransom.
That number is actually considerably lower than other organizations: A 2019 report from CyberEdge found 45% of organizations pay ransom, a rise from 38.7% in 2018.
The FBI recommends against paying ransom. And last month, the United States Conference of Mayors passed a resolution against paying ransomware extortionists.
But the fact is that when an organization is hacked and has bad or nonexistent backups, paying ransom quickly becomes an attractive option. The downside is that you are essentially funding the criminal gang behind the operation.
Source: MIT Technology Review
How A.I is Shaking the Foundations of Cybersecurity
Facial Recognition Backlash: Technology Giants Scramble
Cybersecurity: Three hacking trends you need to know about to help protect yourself