Government Systems are Generally Older and Un-Updated

The Texas Department of Information Resources (DIR) says that a ransomware attack has struck at least 20 State Government entities. It happened on August 16, last Friday. The names of the State entities have not been released yet. The DIR, the Texas Military Department and the Cyber-response and Security Operations Center of Texas’ A&M University System have deployed resources to the most critically impacted jurisdictions.

Follow these steps the best you can and you will be better prepared than most users for a ransomware or general virus threat.

The DIR says the attacks were coordinated. Local jurisdictions not deemed critical are advised to coordinate with the Texas Department of Emergency Management (TDEM) on how to proceed. This is treating the cyber attack with a disaster-level response. For those unaware, ransomware encrypts computers’ hard drives and leaves a note on directions how to pay to get the decryption “key” and save the data. Nowadays the ransom is usually specified to be in crypto-currency. This is so it can be converted in a chain of transactions and multiple crypto types that are essentially money laundering.

Cyber Attack: What can Be Done About It?

For cases of ransomware, sometimes anti-virus companies can reverse-engineer a fix. They then give away the code free on their website and often give the source code to other anti-virus makers. This is done as a courtesy usually by the first team to crack it. If the data on the hard drives has been properly backed up, IT can wipe the whole thing and reinstall.

Sometimes there were no current backups and the victims pay. Usually private citizens with no computer knowledge. Hopefully they can restore the system after paying, but there is no honor among thieves. In this case, since it is a simultaneous attack on major government systems, the FBI may get involved. With their IT people maybe they can trace the hackers. The NSA may assist as it’s likely to fall into their jurisdiction too, as an international electronic crime.

What You Can Do

For advice to avoid such a scenario affecting you and your home computer, follow these steps:

Prevention – Get a good anti-virus. Good meaning usually not free and well-known.

Don’t just click on a link in emails, that funny cat photo online, whatever. Hover the mouse cursor over the link and read what it says the link is and evaluate. If it is to PayPal for example, but the link says something suspicious like “paypal.e-mail.tu” or something…..

DON’T OPEN IT! Funny attachments can be scanned by a good anti-virus program first. If it has a “.exe” or “.dll” extension on it, it is highly suspect if not from a trusted source.

Funny attachments can be scanned by a good anti-virus program first. If it has a “.exe” or “.dll” extension on it, it is highly suspect if not from a trusted source. Back up anything important, often (once a week or two at least). Data, pictures, anything you really care about.

Have a set of Operating System disks if possible. That way you can wipe and re-install the Operating system and your critical files.

Any software you use a lot you should have a physical copy of or written links to the maker’s sites re-install. Don’t forget to write down serial numbers if using links. It’s harder to get a new copy from the makers without them. Any software you use from the Cloud should be fine…if you can get at it.

You need a list of account logins and passwords you use for anyplace you go. You might store it as a text file and a copy on a USB stick stored in a safe place away from the computer in another room.

Follow these steps the best you can and you will be better prepared than most users for a ransomware or general virus threat. That being said, sometimes viruses are so new and/or inventive that they get through anyway. These steps will lower how much damage and down-time you have. Good luck! Updates on this story as received.