Was the ransomware attack on 20+ Texas local governments an attack on a single service provider?

The Texas local governments attack seems to me to be more akin to the trend we have been seeing in 2019 with attackers targeting one MSP and then using that access and the MSP’s tools to attack / encrypt the MSP’s individual clients. If I’m not mistaken (and, I could be), the Texas DIR often acts as sort of a provider / MSP or/ MSSP to some local governments by providing outsourced services to those local governments.

Does anyone know if that was the case for these 22 entities or if that has some connection? I do know DIR is leading the response.

UPDATE: I just heard from a friend who has worked arm in arm with these folks and the answer is:

Hey Shawn. Answer to your DIR question is no. DIR does not provide services to local gov in this form but does coordinate response.

***URGENT*** MEMO TO “THE IT GUY” RE: RANSOMWARE

***urgent memorandum***

TO: The “IT Guy”

FROM: Shawn Tuma

SUBJECT: Your clients affected by ransomware


STOP OVERWRITING / WIPING / DELETING OR OTHERWISE DESTROYING YOUR CLIENTS’ DATA WHEN THEY ARE AFFECTED BY RANSOMWARE!!!

PLEASE!!! PRETTY PLEASE!!! PRETTY PLEASE WITH SUGAR ON TOP!!! JUST STOP IT!!!

Seriously, everyone understands that ransomware is scary stuff and when you discover that one of your clients has been hit by it, it can cause quite a bit of panic. That is understandable. But, when you feel that sense of panic, that is not the time to act — that is the time to pause, take a deep breath, gather your senses, and let your emotions settle down and your brain take back over. Then, recall the Hippocratic Oath that doctors must take:

“first, do no harm”

Just because you cannot figure out what to do with the encrypted data does not mean that there are not other people out there who can. Consider these points:

  • There are really good folks out there who are experts at getting data like this decrypted.
  • There are outstanding cyber insurance policies that will pay the cost of the ransom to recover the data.
  • Over the course of time, ransomware decryption keys start to make their way into the wild and data that was at one time unrecoverable magically becomes recoverable.
  • And, in many cases, that original encrypted data is necessary to perform forensics that may prove to be very beneficial to your client.

But guess what? NONE OF THIS IS POSSIBLE AFTER YOU COME ALONG AND FINISH THE HACKER’S JOB BY DESTROYING ANY HOPE YOUR CLIENT EVER HAD OF RECOVERING ITS DATA BY PERMANENTLY DELETING IT!!!

PLEASE, JUST STOP IT!!!

Texas AG: Business Must Implement and Maintain Reasonable Cybersecurity Safeguards

Texas AG - Reasonable Cybersecurity

Go here to read: Texas Businesses Must Implement and Maintain Reasonable Cybersecurity Safeguards According to State Attorney General

Cyberbullying of Children is a Heartbreaking Problem that Parents Have a Role in Preventing

Cyberbullying — like plain “old fashioned” bullying — is a heartbreaking to see, especially when it is directed at innocent children. There are many things that can lead to it and there are many things that can help minimize it. I do not pretend to have all of the answers and, you can bet, if I thought I did, I would share them with the world.

See these Tips for Parents to Help Keep Kids Safe Online

But, there is one thing I do know and that is that parents have a very big role in helping to keep kids from bullying others and in helping to protect their own children from bullying. I use the words “helping to keep” and “helping to protect” as recognition that there is no single solution to this problem — but if we can help make it better, than that is a good place to start.

In this interview with Ken Molestina @cbs11ken on DFW CBS 11 @CBSDFW, we discuss some of the issues surrounding cyberbullying and you will notice that my advice keeps coming back to the parents, for a reason: We as parents are the first line of defense when things involve our children and there is no technology, service, app, or other person who can take our place.

How Parents Can Help Prevent Cyberbullying of Children

Here are several helpful resources to learn more about cyberbullying and how to help protect against it:

CyberBullying.gov provides extensive resources for parents and answers to questions such as:

  • What is Cyberbullying?
  • Cyberbullying Tactics
  • Preventing Cyberbullying
  • Warning Signs a Child is Being Cyberbullied or is Cyberbullying Others
  • What to Do When Cyberbullying Happens
  • Digital Awareness for Parents
  • Establishing Rules
  • Tips for Teachers
  • Reporting Cyberbullying

The Cyberbullying Research Center provides a very nice .pdf graphic listing these 10 tips for teens to preventing cyberbullying:

  1. Educate Yourself
  2. Protect Your Password
  3. Keep Photos “PG”
  4. Never Open Unidentified or Unsolicited Messages
  5. Log Out of Online Accounts
  6. Pause Before You Post
  7. Raise Awareness
  8. Setup Privacy Controls
  9. “Google” Yourself
  10. Don’t Cyberbully Others

Texas Bar Journal 2018 Year-End Cybersecurity & Data Privacy Update

The Texas Bar Journal’s year-end update on Cybersecurity & Data Privacy law was once again provided by Shawn Tuma and addressed the following issues:

  • Lawyers’ Cybersecurity and Data Breach Obligations that are required under Texas law and the ABA’s Ethics Opinion 483 titled Lawyers’ Obligations After
    an Electronic Data Breach or Cyberattack
  • Whether an IT service provider’s locking a customer out of its computer violates the Texas “hacking” law
  • Whether a woman viewing pictures on her boyfriend’s iPhone violates the Texas “hacking” law