Texas cities unplug from Net after widespread ransomware attack

City of Denison press release

Bob Sullivan

Maybe you’re bored of reading about ransomware attacks, but plenty of local government agencies wish they were so bored. Organized bands of cybercriminals keep pounding away at smaller government IT systems with great success.  In the latest attack (that we know about), more than 20 agencies across Texas were hit last week, requiring an all-hands-on deck response from state authorities.  And in an important new-ish development, the attack negatively impacted an even wider set of agencies and citizens — as some leaders chose to disconnect systems pre-emptively.

“The evidence gathered indicates the attacks came from one single threat actor,” said the Texas Department of Information Resources in a statement. “Responders are actively working with these entities to bring their systems back online.”

The situation was dire enough that  Texas Gov. Greg Abbott ordered a “Level 2 Escalated Response” to the attacks, one step below the Texas Division of Emergency Management’s highest level of alert, according to KSAT.com.

It was also dire enough that other local governments are unplugging systems from the Internet even if they are not infected by the attack.  Denison, Texas, warned residents that city employees will have “little to no access to email during the outage” in a release published on its website. The city also cannot accept certain kinds of payments.

“Out of an abundance of caution, the City of Denison has disconnected its information systems
from the internet,” the release said. “While the City of Denison has not been directly affected by the attack,
precautionary measures are being taken to maintain the integrity of the city’s information
systems.”

Grayson County also unplugged, according to KXII.com. 

“We cannot email you, receive e-filings, issue birth, death or marriage records, or receive web-based inquiries,”  Emergency Management Director Sarah Somers told the TV station.

It’s probably wise for small agencies to disconnect during such incidents; it’s hard to imagine they can all afford top-notch information security professionals to fight back when there’s already a large shortage.  But the response shows that ransomware attacks are really taking a toll on smaller agencies, and their impact is being felt far beyond the institutions that are actually being forced to pay up.

This also suggests that citizens should keep fastidious records when dealing with any government agency, and don’t let bills wait until the last minute — lest your water provider or parking ticket agency be unable to process your electronic payment by the due date.

 

 

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *