KAUFMAN, Texas — Kaufman is among more than 20 Texas municipalities targeted in a coordinated August 16 ransomware attack, officials confirm to inForney.com.
"The City of Kaufman Computer and Technology Services has been severely affected by an outside source," read a Facebook post from the City of Kaufman on Monday. "At this time, all of our computer and phone systems are down and our ability to access data, process payments, etc. is greatly limited."
The City of Kaufman says services will be limited until their systems are back online, excluding police and fire services which were not affected. City Hall remains open.
According to the Texas Department of Information Services (DIS), as of an update on Tuesday, the number of impacted entities has been reduced to 22. Of those, many are small local governments and the State Operations Center was activated in response to the attack.
"More than twenty-five percent of the impacted entities have transitioned from response and assessment to remediation and recovery, with a number of entities back to operations as usual," stated a release from DIS.
Investigations into the origin of the attack remain ongoing but officials say evidence continues to point to a single threat actor. Citing an ongoing investigation, no further information was released.
DIS is being supported in their investigation by the Federal Bureau of Investigation's Cyber Division, the Texas Division of Emergency Management, the Texas Military Department, the Texas A&M University System's Security Operations Center/Critical Incident Response Team which comprises the Texas Department of Public Safety, the Computer Information Technology and Electronic Crime (CITEC) Unit, and Cybersecurity, the Intelligence and Counter Terrorism Unit, the Texas Commission of Environmental Quality, the Texas Public Utility Commission, the Department of Homeland Security, the Federal Emergency Management Agency, and other Federal cybersecurity partners.
The DIS provided the following best practices for public and private organizations to put themselves in the best cybersecurity posture:
- Keep software patches and anti-virus tools up to date.
- Create strong unique passwords that are changed regularly.
- Enable multi-factor authentication, especially for remote logins.
- Modernize legacy systems and ensure software is as current as possible.
- Limit the granting of administrative access.
- Perform regular, automated backups and keep the backups segregated.
A request for additional information has been made with the City of Kaufman and the article will be updated with any additional information.