Texas Municipality ransomware attack (2019)
Date | 16 August 2019[1] |
---|---|
Suspected actor | REvil[2] (i.e., Ransomware Evil[3]), also known as Sodinokibi, a ransomware-as-a-service group[4] |
Target | 22[5] or 23[6] small towns in Texas, U.S. |
Method | Targeting shared service providers of multiple municipalities[7] |
Purpose | Unclear. |
Result | More than 40 municipalities have been targeted by ransomware attacks over the summer of 2019.[8] The attack on Texas municipalities, however, has been described as the most coordinated attack among all of them.[7] As a result of the attack, city workers were unable to accept payments and to access vital records, including birth and death certificates.[9] |
Aftermath | The Texas Department of Information Resources (DIR) has led the response to this ransomware attack and the Federal Bureau of Investigations (FBI) initiated investigations into the origin of the attack.[10] Immediately after the attack, the municipalities were assisted by numerous federal and state agencies, including the Federal Emergency Management Agency, the Department of Homeland Security, Texas A&M’s Information Technology and Electronic Crime Unit and the Texas Military Department.[11] |
Analysed in | Scenario 14: Ransomware campaign |
Collected by: Nele Achten
- ↑ Alina Georgiana Petcu, 'An Overview of the Texas Ransomware Attack and What You Can Learn from It' Heimdal Security (11 December 2020)
- ↑ 'Texas Municipalities Hit by REvil/Sodinokibi Paid No Ransom, Over Half Resume Operations' Trend Micro (10 September 2019)
- ↑ Lucian Constantin, 'REvil ransomware explained: A widespread extortion operation' CSO (17 November 2020)
- ↑ Singapore Computer Emergency Response Team, 'Revil Unravelled' (1 September 2020)
- ↑ Bobby Allyn, “22 Texas Towns Hit With Ransomware Attack In 'New Front' Of Cyberassault”, 20 August 2019.
- ↑ 'Texas government organisations hit by ransomware attack' BBC News (19 August 2019)
- ↑ 7.0 7.1 Manny Fernandez, Mihir Zaveri and Emily S. Rueb, “Ransomware Attack Hits 22 Texas Towns, Authorities Say”, 20 August 2019.
- ↑ Niraj Chokshi, “Hackers Are Holding Baltimore Hostage: How They Struck and What’s Next”, 22 May 2019.
- ↑ Kathleen Foody and Jake Bleiberg, AP, “Ransomware attack hits more than 20 Texas local governments”, 20 August 2019.
- ↑ Texas Department of Information Resources, “Update on the August 2019 Texas Cyber Incident”, 20 August 2019.
- ↑ Kate Fazzini, “Alarm in Texas as 23 towns hit by ‘coordinated’ ransomware attack”, 19 August 2019.