Texas transportation department hit in ransomware attack
The Texas Department of Transportation last week disclosed that it suffered a ransomware attack, though details of the incident are scant. In a notice posted to Facebook and other other social media, the agency said it detected “unauthorized access” on its network that was revealed to be ransomware.
“We believe we have a duty to inform our fellow Texans and our fellow state agencies of this unfortunate incident,” TxDOT Executive Director James Bass said in the statement.
Officials have not disclosed what type of ransomware was used in the incident, or what demand the attackers made. TxDOT has also not specified if there was any impact to its services, though as of Monday the agency’s main website was not responsive, while a separate site that houses footage from highway traffic cameras contained an alert that it has not been updated since last Thursday afternoon.
“We want every Texan to rest assured that we are doing everything we can to swiftly address this issue. We also are working to ensure critical operations continue during this interruption,” Bass’ statement continued. TxDOT also said it has notified the FBI of the incident.
The TxDOT incident is the second ransomware attack to hit one of Texas’ statewide operations in recent weeks. On May 8, the Texas Office of Court Administration, which provides IT services to the state’s judicial system, said it had been targeted by an unnamed malware.
Spokespeople for TxDOT did not respond to questions about the incident. But Texans are no stranger to ransomware attacks. A spokesperson for the Texas Department of Information Resources said it is assisting TxDOT in responding to the most recent attack, but declined to go into detail.
“DIR is working in partnership with TxDOT to respond,” the spokesperson said. “DIR takes our role in assisting other government organizations with cybersecurity incidents very seriously and we strive to protect information entrusted to us by organizations who have been impacted.”
Last year, DIR helped lead the response to an attack that disabled government operations in 23 communities across the the state.
TxDOT is also not the first state transportation agency to be hit by ransomware. In March 2018, the Colorado Department of Transportation was infected with the SamSam ransomware virus in an incident that locked up 2,000 computers, servers and network devices and cost the state about $1.5 million to recover from.
[ransomeware_map]