logo BREAKING NEWS.jpg

FULL REPORT 4:48 p.m.:

The Cooke County Sheriff’s Office was hit by a cyberattack early the morning of Independence Day, Sheriff Terry Gilbert confirmed Monday morning, July 6.

The department “was hit with a ransomware attack on its systems in the early hours of July 4,” Gilbert said in an email.

ITWire, an Australian information technology news website, reported over the weekend that attackers claimed to have used REvil ransomware to attack the Cooke County website. The attackers posted screenshots on the dark web — part of the internet that requires specific software or authorization to access — showing what are said to be documents and data from the sheriff’s department, ITWire reported.

Screenshots from the attackers’ announcement about the hack showed data folders with filenames that appeared to reflect archived case files as well as current cases. The screenshots, provided by threat analyst Brett Callow with antivirus software company Emsisoft, also displayed a threat that the files would be uploaded in seven days, though Callow said it’s unclear what date that was counting from.

REvil, used to refer both to the hacker group and the ransomware it uses, was first identified last year and is known to auction the data it steals, Callow said.

Gilbert said Monday the investigation into his department’s hack was ongoing.

“All emergency services are still operational,” he said.

It isn’t the first time one of Texas’s local governments has come under cyberattack. More than 20 entities, most of them smaller local governments, were attacked with ransomware in August 2019, according to the Texas Department of Information Resources.

The state’s court system and the Texas Department of Transportation were also attacked with ransomware earlier this year.

Ransomware is a type of computer malware that locks and encrypts a victim’s files and then demands a ransom in return for restoring access to the files, according to a fact sheet from the National Cyber Security Alliance, which likened the practice to “digital kidnapping.”

Late last year, ransomware attackers also began stealing data in addition to removing owners’ access to it.

Responding to ransomware attacks is estimated to have cost Texas county governments $3.25 million in 2019, the Department of Information Resources indicated on its website.

So far in 2020, ransomware attacks have hit 58 state and municipal entities and one federal entity, Callow said in an email.

UPDATE 1:14 p.m.:

REvil, used to refer both to the hacker group and the ransomware it uses, was first identified last year and is known to auction the data it steals, threat analyst Brett Callow said.

UPDATE 12:22 p.m.:

Screenshots from the attackers’ announcement about the hack, provided by Brett Callow, a threat analyst with antivirus software company Emsisoft, showed data folders with filenames that appeared to reflect archived case files as well as current cases. The screenshots also displayed a threat that the files would be uploaded in seven days, though Callow said it’s unclear what date that was counting from.

ORIGINAL 11:55 a.m.:

The Cooke County Sheriff’s Department was hit by a cyberattack early the morning of Independence Day, Sheriff Terry Gilbert confirmed Monday morning, July 6.

“The Cooke County Sheriff's Department was hit with a ransomware attack on its systems in the early hours of July 4,” Gilbert said in an email.

ITWire, an Australian information technology news website, reported over the weekend that attackers claimed to have used REvil ransomware to attack the Cooke County website. The attackers posted screenshots on the dark web — part of the internet that requires specific software or authorization to access — showing what are said to be documents and data from the sheriff’s department, ITWire reported.

“All emergency services are still operational,” Gilbert said, and the investigation into the attack is ongoing as of Monday.

It isn’t the first time one of Texas’s local governments has come under cyberattack. More than 20 entities, most of them smaller local governments, were attacked with ransomware in August 2019, according to the Texas Department of Information Resources.

The state’s court system and the Texas Department of Transportation were also attacked with ransomware earlier this year.

Ransomware is a type of malware that locks and encrypts a victim’s files and then demands a ransom in return for restoring access to the files, according to a fact sheet from the National Cyber Security Alliance, which likened the practice to “digital kidnapping.”

Responding to ransomware attacks is estimated to have cost Texas county governments $3.25 million in 2019, the Department of Information Resources indicated on its website.

So far in 2020, ransomware attacks have hit 58 state and municipal entities and one federal entity, according to Brett Callow, a threat analyst with Emsisoft, an antivirus software company.

Recommended for you