EXECUTIVE SUMMARY:
Starting on Friday August 16th, 23 Texas towns experienced ransomware attacks. The state’s Department of Information Resources reports that majority of the victims consisted of local government groups.
Texas governor Wayne Abbot initiated a four-step response plan, and has enlisted more than ten state and federal organizations to assist in the recovery process. Agencies involved include FEMA, the Department of Homeland Security, the Texas Department of Public Safety, the Texas Military Department, and the Electronic Crime Unit at Texas’s A&M.
As of the present writing, whether or not any of the affected towns paid the ransom remains unknown.
The specific “strain” of ransomware involved has been dubbed .jse ransomware, although select antivirus vendors know it as Nemucod. This type of ransomware first surfaced in August of 2018, and has repeatedly blighted organizations throughout the US since then.
To reduce the potential of this unruly ransomware rattling your organization, follow these tips:
- Ensure that your organization backs up data on a daily basis, and can retrieve encrypted information should a breach occur.
- Set up network segmentation strategies.
- Brief employees on your desired chain of communication in the event that they believe an attack to have occurred.
- Like most organizations, your organization likely works with third parties. Contact them to review the cybersecurity of the devices or applications that they provide to your org.
- Engage in red-teaming, wargaming, and other types of penetration testing to find your blindspots. See to it that they any vulnerabilities are resolved immediately.
Stay secure. For a more ransomware prevention tactics, visit TechRepublic.