Texas’ transportation agency has become the second part of the state government to be hit by a ransomware attack in recent days.
On Thursday, someone hacked into the Texas Department of Transportation’s network in a “ransomware event,” according to a statement the department posted on social media Friday.
The departments’ website says some features are unavailable due to technical difficulties, but it is not clear what functions were affected by the attack. Agency officials did not respond to emailed questions Sunday.
Upon detecting the hack, staff at the transportation department “immediately” isolated the affected parts of the network and “shut down further unauthorized access,” according to the statement. James Bass, the department’s executive director, said his staff is “working to ensure critical operations continue during this interruption.″ The hacks follow a ransomware attack of unprecedented size that hit more than 20 local governments in Texas last summer.
I can’t find much in the way of news on this, so here’s TxDOT’s statement, via Twitter:
The Texas Department of Transportation determined that on May 14, 2020, there was unauthorized access to the agency’s network in a ransomware event. TxDOT immediately took steps to isolate the incident and shut down further unauthorized access. Read the full statement below:
— TxDOT (@TxDOT) 2:04 PM – 15 May 2020
Maybe these two attacks are unconnected – there’s not enough information, such as what type of ransomware was involved and what the vector for it was, for me to take a guess – but the fact that there were two such attacks in a short period of time on two state systems sure seems suspicious to me. If I were at the state Department of Information Resources, I would be very busy, and more than a little concerned, right now. KXAN, CBS DFW, and Bleeping Computer have more.