At the end of last week, August 16, 2019, the municipal authorities of several districts in Texas immediately notified the Department of Information Resources (DIR) about problems with access to data.
Currently, DIR representatives coordinate incident response and investigation with more than ten other government agencies in Texas and the United States, such as the Texas Department of Emergency Situations, the FBI, the Department of Homeland Security, the Texas Department of Public Security, and so on.
So far, the DIR has not disclosed the exact number of affected organizations, but it is known that the incident was a “coordinated ransomware attack”, with more than 20 victims, and all the attacks were committed by the same criminal. It is emphasized separately that the attacks did not affect Texas systems and networks.
According to ZDNet’s own sources, the ransomware that infected the municipal authorities ’networks encrypts the files and then adds the .JSE extension at the end. This ransomware does not have its own name, and usually it is simply called the JSE ransomware or Nemucod, by the name of the dropper delivering the malware to infected hosts.
But according to another source of the publication, the Texas authorities suffered from attacks by the ransomware Sodinokibi (REvil), and not JSE. Since there is no official information on the technical aspect of what is happening, it is difficult to say which of the sources of rights.
