The Texas government experienced a new ransomware attack, this time, the malware infected the State Department of Transportation (TxDOT) system.
All @txcourts websites are down. We are aware of this issue and working to remedy it. The outage does not impact email, eFileTexas, or reSearchTX. Updates will be posted later today.
— Texas Courts (@TxCourts) May 8, 2020
The Texas government suffered two ransomware attacks in a matter of weeks. The first attack took place on May 8, 2020, and infected the Texas justice system.
Now that the ransomware has infected the State Department of Transportation (TxDOT) system, the attack has forced the administrator to shut down the system to prevent the ransomware from spreading.
The State Department of Transportation (TxDOT) discovered the second attack on May 14. However, the infection had unauthorized access to the department’s network.
TxDOT said: “The Texas Department of Transportation has determined that by May 14, 2020, the ransomware had unauthorized access to the agency’s network.”
The Texas Department of Transportation determined that on May 14, 2020, there was unauthorized access to the agency’s network in a ransomware event. TxDOT immediately took steps to isolate the incident and shut down further unauthorized access. Read the full statement below: pic.twitter.com/lSooXFRBZe
— TxDOT (@TxDOT) May 15, 2020
The agency immediately took steps to prevent further damage and isolate the affected systems, “determined to ensure the continuation of critical activities during this outage.”
The agency reported the incident to local authorities and investigated the incident with the help of the FBI.
At the time of this writing, it is unclear if these two attacks are connected, and if the attacker is stealing data. There are no technical details about these two events.
In August 2019, Texas suffered a series of ransomware attacks against the local government.
At least 23 local government organizations have been affected by ransomware attacks, and the Department of Information Resources (DIR) is investigating and providing support to mitigate the attacks.