SALES, RENTALS & LAYAWAYS

PROTECTING EVERYTHING THAT HAS EVER BEEN OF VALUE TO YOU

Open 24/7/365

We Have A Life-Time Warranty /
Guarantee On All Products. (Includes Parts And Labor)

How One Texas County Stopped a Ransomware Attack (#GotBitcoin?)

Hackers have hit cities across the country. Lubbock County was able to fend one off. How One Texas County Stopped a Ransomware Attack (#GotBitcoin?)

Isaac Badu ’s IT department gets calls about strange behavior on Lubbock County’s 1,300 computers all the time.

But this time, it was different. The file icons on a county employee’s computer were changing before their eyes.

Mr. Badu, the first in-house director of technology and information systems for this Texas county, said he immediately suspected malicious activity. He instructed one of his staff to rush to the affected computer and take it off the network.

“We knew right away who that user was, and we had one of our technicians run over to that office,” said the 46-year-old Ghana native, who has been involved in internet security for 17 years.

Within 40 minutes of witnessing the first signs of a ransomware attack, the threat was over.

Though hardly revolutionary, the actions show how training, resources—and a bit of luck—can thwart hackers who have been hobbling U.S. cities and counties.

Lubbock County was one of 23 local government systems in Texas hit by a ransomware attack on the morning of Aug. 16. It appears to be the only one that successfully stopped the hackers, saving the county potentially hundreds of thousands of dollars and hours of work to repair computers and restore lost files.

Almost 200 miles north, in Borger, Texas, the ransomware attack wasn’t caught, hitting the city’s business and financial operations and services. It took another three days for operations to normalize, the city said.

Similar attacks were reported in Keene and Wilmer, two small cities outside of Dallas.

Many smaller municipalities in Texas have limited IT support, or outsource to a vendor, said Edward Block, the state’s former chief information security officer. “With a more complete IT program and security program, it’s easier to resist these type of events,” he said. “Places without an IT department on board, it’s going to take longer to recover.”

Local officials declined to comment, citing a continuing investigation. The Texas Department of Information Resources—which is investigating the attack, along with federal agencies including the Federal Bureau of Investigation and Department of Homeland Security—also declined to provide additional details. The state agency said it believes the source of the attack points to a single actor.

“Ransomware has been around for quite some time,” said Avi Rubin, professor of computer science at Johns Hopkins University and technical director of the Information Security Institute. “But recently, the big targets have been municipalities and local governments because they tend to have lower IT budgets than they should.”

Malwarebytes, a company that specializes in cybersecurity, said their government clients experienced seven times more ransomware attacks so far in 2019 than in all of 2018. Attacks against businesses more than tripled this year compared with last year, according to customer detection data.

Ransomware is a type of malicious software, known as malware, “designed to deny access to a computer system or data until a ransom is paid,” according to the Cybersecurity and Infrastructure Security Agency, a division of Homeland Security. It is unleashed more often than not through email attachments or links that place malware on a device, and then the broader system. After encrypting files, hackers usually demand payment in the form of bitcoin in exchange for files and systems.

Municipalities are generally less prepared than companies because of limited resources and difficulty competing for cybersecurity talent, security professionals say. They are also increasingly reliant on technology to deliver city services, and some have aging computer systems, according to Standard & Poor’s.

“Historically, cities haven’t been particularly well funded in terms of IT and IT security,” Mr. Block said. “They have proven to be an attractive target for attacks.”

The attacks can be costly. Earlier this year, a ransomware attack hobbled Baltimore’s government after the city refused to pay hackers the $76,000 they demanded. The city’s systems were in disarray for well over a month, leaving residents unable to pay fines, receive water bills and even buy property. Baltimore estimated the attack cost it at least $18 million, including the potential lost revenue from fines and property tax collection.

Ultimately, stemming the increasing threat of attacks can happen only through a robust, well-funded and vigilant IT department, said Mr. Rubin, the professor.

“So many places, IT resources are there to just get things working and keep the lights on,” he said. “What you really need are security experts, and you need to spend money on that.”

Mr. Badu’s IT department benefited from a larger resource pool than some of the other Texas municipalities hit.

Lubbock County has a population of around 300,000. The city of Borger has about 12,600 residents.

It can also come down to the right timing and some luck.

After sending one of his team to take the affected computer off the system, Mr. Badu and his team worked to locate the device where the suspicious activity was originating from. Mr. Badu also sent a countywide email alerting other users to be cautious as his team worked.

Lubbock County Judge and Commissioner Curtis Parrish lauded the department for catching the attack at such an early stage. He pointed to the regular training the county’s roughly 1,500 employees receive on suspicious computer activity, no matter how small.

“This is stuff IT departments deal with all the time,” Judge Parrish said. “But you’ve got to have the proper IT department in place and you have to have the proper training in place, and the proper investment in your infrastructure.”

Mr. Badu, who ran IT departments in other Texas cities before taking up his role in Lubbock this year, said that when you have the right planning and resources in place, there is no need to pay a ransom.

“If your file is encrypted, you just restore it and you’re good to go,” he said. How One Texas County, How One Texas County

 

Related Articles:

Fraudsters Used AI To Mimic CEO’s Voice In Unusual Cybercrime Case (#GotBitcoin?)

Pearson Hack Exposed Details on Thousands of U.S. Students (#GotBitcoin?)

Cyber Hack Got Access To Over 700,000 IRS Accounts (#GotBitcoin?)

Take A Road Trip With Hotel Hackers (#GotBitcoin?)

Hackers Prove The Insecurity Of Trump’s Border Security By Stealing Photos Of Travelers’ Faces (#GotBitcoin?)

Hackers Target Loyalty Rewards Programs (#GotBitcoin?)

Taxpayer Money Finances IRS “Star Trek” Parody (#GotBitcoin?)

IRS Fails To Prevent $1.6 Billion In Tax Identity Theft (#GotBitcoin?)

IRS Workers Who Failed To Pay Taxes Got Bonuses (#GotBitcoin?)

Trump DOJ Declines To Charge Lois Lerner In IRS Scandal (#GotBitcoin?)

DMV Hacked! Your Personal Records Are Now Being Transmitted To Croatia (#GotBitcoin?)

Poor Cyber Practices Plague The Pentagon (#GotBitcoin?)

Tensions Flare As Hackers Root Out Flaws In Voting Machines (#GotBitcoin?)

3-29-2019 FBI Retools To Counter Cyber Threats, 4-12-2019 Thousands Of FBI Personal Data Is Stolen (#GotBitcoin?)

Overseas Traders Face Charges For Hacking SEC’s Public Filings Site (#GotBitcoin?)

Group Hacks FBI Websites, Posts Personal Info On Agents. Trump Can’t Protect You! (#GotBitcoin?)

SEC Hack Proves Bitcoin Has Better Data Security (#GotBitcoin?)

Hackers Prove The Insecurity Of Trump’s Border Security By Stealing Photos Of Travelers’ Faces (#GotBitcoin?)

Our Facebook Page

Your Questions And Comments Are Greatly Appreciated.

Monty H. & Carolyn A.

Go back

Leave a Reply