A new ransomware attack hit the Texas government, the malware this time infected systems at the state’s Department of Transportation (TxDOT).
The Texas government suffered two ransomware attacks in a few weeks, the first one took place on May 8, 2020 and infected systems at the Texas court.
All @txcourts websites are down. We are aware of this issue and working to remedy it. The outage does not impact email, eFileTexas, or reSearchTX. Updates will be posted later today.
— Texas Courts (@TxCourts) May 8, 2020
Now ransomware has infected malware the systems at the state’s Department of Transportation (TxDOT), that attack forced the administrators to shut down the systems to avoid the propagation of the ransomware.
The state’s Department of Transportation (TxDOT) discovered the second attack on May 14, the infection follows an unauthorized access to the Department’s network.
“The Texas Department of Transportation determined that on May 14, 2020, there was unauthorized access to the agency’s network in a ransomware event” states the TxDOT.
The Texas Department of Transportation determined that on May 14, 2020, there was unauthorized access to the agency’s network in a ransomware event. TxDOT immediately took steps to isolate the incident and shut down further unauthorized access. Read the full statement below: pic.twitter.com/lSooXFRBZe
— TxDOT (@TxDOT) May 15, 2020
The agency immediately took steps to prevent further damages and isolated impacted systems, it “working to ensure critical operations continue during this interruption.”
The agency reported the incident to local authorities and is investigating into the incident with the help of the FBI.
At the time of writing it is not clear if the two attacks are connected, there are no technical details about both incidents either if the attackers have stolen any data.
In August 2019, Texas was hit by a wave of ransomware attacks that are targeting local governments.
At least 23 local government organizations were impacted by the ransomware attacks, the Department of Information Resources (DIR) is currently investigating them and providing supports to mitigate the attacks.