Robertson County Sheriff's Office targeted in ransomware attack
The Robertson County Sheriff's Office is one of at least 20 agencies across Texas that were targeted in a coordinated ransomware attack, KBTX has confirmed.
Sheriff Gerald Yezak said the impact was on the minimal end and their computers were never locked up. He declined to release any other details due to the ongoing investigation.
The Texas Department of Information Resources said that it believes a single source was behind all of the attacks, the number of which the agency lowered from 23 to 22 Tuesday.
The department didn't name the affected cities or provide details about the attacker's demands, but it said several of the cities had resumed normal operations by Tuesday and most of the agencies hit were located in small cities.
Texas and federal agencies, including the Department of Homeland Security and the FBI, are working with the affected cities to try and restore their access.
Local information technology departments including the one overseeing the City of Bryan are staying vigilant. The city has procedures in place to warn employees not to open phishing emails.
KBTX asked IT experts Thursday afternoon about measures in place to prevent being attacked.
"We've had four or five different entities come in: Department of Homeland Security, Idaho National Labs. We've had our internal auditor here this year and we hired a third party to come in and perform what is known as a penetration test on our network. We're doing ok. We're never 100 percent but doing ok," said Bernie Acre, Bryan Chief Information Officer.
"Typically you know a ransomware event starts when somebody clicks on a nefarious email. It kind of starts executing some code maybe even the ransomware itself and it starts going through their files and encrypting their files and making them unusable or unreadable for the end-user," said Scott Smith, Bryan Chief Information Security Officer.
"And then you'll shortly get a notice that says, 'Hey your files are encrypted. If you want to get it back pay us some money,'" he said.
Computer experts also said you can reduce your risk of being hacked by having good anti-virus software, changing the password and not opening unsolicited emails.
The attack in Texas is similar to other ransomware attacks that have crippled digital operations in cities around the country in recent years, Elliott Sprehe, a department spokesman, said Tuesday. "Once it's activated, your computer system is effectively locked from use until you pay that ransom as requested," he said.
Trying to prevent similar attacks is "a continual cat-and-mouse game" for governments of all sizes, Sprehe said. Ransomware often spreads through emails containing malicious links or attachments or by visiting a compromised website.