Posted on 08/17/2019 6:49:54 AM PDT by mplc51
A coordinated ransomware attack has affected at least 20 local government entities in Texas, the Texas Department of Information Resources said. It would not release information about which local governments have been affected.
The department said the Texas Division of Emergency Management is coordinating support from other state agencies through the Texas State Operations Center at DPS headquarters in Austin.
DIR said the Texas Military Department and the Texas A&M University Systems' Cyber-Response and Security Operations Center teams are deploying resources to "the most critically impacted jurisdictions."
Elliot Sprehe, press secretary for the department, said DIR was working to confirm which government entities are affected and said other information was still coming in.
(Excerpt) Read more at kut.org ...
Declare these terrorist attacks, line up death penalty and GitMo as result. Make very public and give culprits 24 hours to cease or become public enemy number one. Make the threat serious enough, the follow through ominous enough, that they end real quick.
Why can’t the authorities just follow the money?
The time is well past when we need to demand that IT professionals have the training and competence to protect us.
Data breaches are treated as non events. No one is held accountable for exposing us to risk. Cities are shut down. Nothing happens.
If we are going to have a digital world we must demand only qualified people can build and operate digital systems.
Probably got Austin, Fort Worth, Dallas, San Antonio, Houston, Brenham, Midland/Odessa, Lubbock, Tyler, Nacogdoches, Lufkin, Victoria and Waco to name a few. Has to be a city with big pockets in order to get enough $$ for the risk. If they have to pay, they’re going to hit the taxpayers for the bill for their own incompetence with security.
KNOW THE SENDER.
We were told it was DPS that got hit.
Who is DPS?
Verify that the sender really is the sender, and not a spoofed name from an unknown sender.
Find those responsible for this attack and stop them with EXTREME prejudice.
Department of Public Safety, dat be de po-lice.
A sharp lawyer might be able to get any client released based on the uncertainty that the restored data was the same as the ransomware-tampered data was faithfully replicated.
Was exculpatory data destroyed? Was the data on physical evidence mislabeled, assigning legitimate samples to different cases?
Because 90% of these attacks and data breaches are caused by end users.
Maybe businesses need to properly vet their employees BEFORE giving them access to a keyboard and mouse?
KNOW THE SENDER.
Also from an infected website!
I clicked on a search result and up popped the demand!!
First I thought OH SHITE, gotta rebuild the OS!!!
Running Linux, it’s about a half-hour job.
Not wanting to shut down for fear the bug will put down roots on the reboot??
I called my Linux GURU, he laughed! Said not to worry.
I rebooted and ran a full scan, NOTHING!
Same thing the next day, still nothing.
THANK YOU, Linus Torvalds!!!!
Here’s three key tips from an IT guy (me):
1. Backup. For an individual computer user/home user - use a USB drive that’s not kept connected to the computer. For a business, ensure user data files stored locally (user/documents, etc.) are redirected to a network share. Backup the network share using the 3-2-1 method (three different backups, two different storage types (Azure cool storage is great for this!) and keep one copy offsite (again, Azure cool storage is perfect)).
2. Ensure all the latest updates are applied as soon as possible.
3. EDUCATE users about phishing and email attachments.
Phishing example that often works: You get an email from an unknown administrator telling you your email account is compromised and to click the link, log in, and then all will be well—or variants of this.
NEVER, never, never open it. Just delete and mark the sender as junk. An administrator will NEVER ask you to log into a web link and provide your credentials. NEVER.
If it is from a bank, credit union or credit card vendor same thing. Call them to confirm. Also, the IRS or Social Security Agency will NEVER email you with such a format.
Nor will any call you on a telephone asking the same.
For instance multiple backup sites at different/longer intervals.
My Doc's office was devastated when they learned their backup was infected with the same ransomware as their primary storage.
If their backups had been at longer intervals, with fewer overwrites, they could have been protected, especially with separate backup sites.
Get some real IT guys, fellas! Come on now!
Seriously though, government is like 10 or 15 years behind the private sector.
I think ransomware is mostly from porn sites, not that I know firsthand.