Ransomware Found its Way into the Texas Court System

Last week, the Texas court system was knocked by ransomware. After discovering the attack, the branch network, websites, and servers were disabled to block the further spread of the malware. 

What happened?

  • On May 8th, the Office of Court Administration (OCA) recognized a critical security incident in the branch network, which was later found to be a ransomware attack.
  • Starting in the overnight hours, the attack was not pertinent to the courts’ shift to remote hearings due to the COVID-19 pandemic.
  • According to the OCA, Texas’ individual trial court networks were not affected and no vital information was compromised as it could catch the ransomware and limit its impact in a timely manner, avoiding the need for ransom payments.

Actions taken by the OCA

  • Until the breach is dealt with, the Texas Judicial Branch network will remain disabled.
  • The OCA is continuously working on bringing all the affected branch resources and judicial entities back online.
  • Also, it is collaborating with the Texas Department of Information Resources (DIR) to scrutinize the ransomware attack and other information security authorities to retrieve the impacted data.

Some similar antecedent attacks

  • In July 2019, the Georgia court system had fallen victim to ransom demands by hackers. Following the attack, the state court's network was completely taken offline.
  • In August 2019, Texas was hit by a file-encrypting malware, which impacted 23 local governments. Eventually, the attacker demanded a ransom of $2.5 million in exchange for the decryptors to the affected entities.
  • In 2018, government agencies in Minnesota, including the state's court system suffered distributed denial of service (DDoS) attacks. Several "DDoS-for-hire" services were paid by the attacker to sabotage websites in Minnesota.

The final word

Court systems and government bodies hold critical information of individuals as well organizations. This makes them primary targets for cyberattacks, posing the possibility of a tremendous loss of valuable information. Irrespective of the hacking incidents, courts and government institutions must take necessary steps to protect the information and data they possess.