On Friday, August 16, over twenty local government entities in Texas were targeted by a coordinated ransomware attack. This incident is the most recent in a year marked by cyberattacks on state and local governments across the country. Several state and federal agencies are investigating and actively working with the impacted Texas entities to help bring their systems back online. You can read more about the incident and the response in the press releases from the Texas Department of Information Resources (DIR) (website).
- August 20, 2019 – Update on August 2019 Texas Cyber Incident
- August 17, 2019 – Update on August 2019 Texas Cyber Incident
- August 16, 2019 – Ransomware Attack Hits Texas Government Entities
Ransomware Webinar
The Texas State Operations Center released a 56 minute educational webinar on protective measures and response activities related to ransomware. DIR and the Texas A&M University System provide practical and specific information to help all levels of local government be more aware about what they can do to close vulnerabilities.
Cybersecurity Best Practices
In the wake of the attack, Texas local governments have been asking for help. DIR offers cybersecurity resources to Texas local governments. DIR recommends these cybersecurity best practices for public and private organizations:
- Keep software patches and anti-virus tools up to date.
- Create strong unique passwords that are changed regularly.
- Enable multifactor authentication, especially for remote logins.
- Modernize legacy systems and ensure software is as current as possible.
- Limit the granting of administrative access.
- Perform regular, automated backups and keep the backups segregated.
To protect themselves and their organizations, individuals should remember these cybersecurity tips:
- It is everyone’s responsibility to remain cyber aware and practice information safety.
- Do not open suspicious or unexpected links or attachments in emails.
- Hover over hyperlinks in emails to verify they are going to the anticipated site.
- Be aware of malicious actors attempting to impersonate legitimate staff, and check the email sender name against the sender’s email address.
- Use unique strong passwords or pass-phrases for all accounts.
- Do not provide personal or organizational information unless you are certain of the requestor’s authority, identity, and legitimacy.
- Alert your IT staff or supervisor if you have any concerns about the legitimacy of any email, attachment, or link.
- Take advantage of available cybersecurity awareness training.
Cybersecurity Training
House Bill 3834, enacted during the 86th Legislature, requires DIR to certify cybersecurity training programs for state and local government employees. Local government employees who have access to a local government computer system or database and elected officials must complete cybersecurity training at least once a year. DIR expects to publish an initial list of certified programs in October 2019.
For more information about H.B. 3834’s cybersecurity training for local governments, see DIR’s website.
Other DIR Assistance
Local governments can take advantage of competitive discounts on information and communication technology products and services through DIR’s cooperative purchasing program. Using DIR for contracting and purchasing may help stretch your limited dollars in the budget for cybersecurity.
Local governments can contact DIR at DIRSecurity@dir.texas.gov for additional information and tips for preventing ransomware.
Other Resources
DIR suggests the following additional guides for more information about ransomware and cybersecurity:
- Federal Ransomware Tip Sheet
- Estimated Ransomware Costs – Texas
- Ransomware Facts and Tips
- DHS Government Tip Card
- Online Safety