The list of government agencies infected with ransomware all over the world grows, and this time around it’s Texas that’s found itself in the crosshairs of cybercriminals.
23 Texas government institutions have been infected with ransomware and their data encrypted. Apparently, they had reported having issues accessing their data to the Texas Department of Information Resources (DIR).
"It appears all entities that were actually or potentially impacted have been identified and notified," DIR said. "Responders are actively working with these entities to bring their systems back online."
The attack seems to have been coordinated, it was added. Now, a joint effort is in place to try and recover lost files, with the Texas Division of Emergency Management, the FBI, the DHS, the Texas Department of Public Safety, and others, participating.
"At this time, the evidence gathered indicates the attacks came from one single threat actor," DIR officials said on Saturday.
The ransomware doesn’t seem to be of any known, or popular strain. It encrypts the files and adds the .jse extension at the end, which is why some security agencies are dubbing it the JSE ransomware.
Others are calling it Nemucod, because that’s the name of the Trojan that drops the malware on the infected host.
This is not the first time a government agency was being targeted by ransomware. As a matter of fact, it seems to be an upcoming trend. Recently, multiple cities in the States were victims of ransomware attacks, including Baltimore, and Riviera Beach, Florida, which decided to pay the ransom in order to get its network and files back.