Ransom in Texas

Jesus Beltran II


On May 14, 2020, ransomware halted the use of the Crash Information System (CRIS) of the Texas Department of Transportation. This is the system that puts together all vehicle crash information from law enforcement in the state of Texas. When you need a report for your insurance claim or lawsuit, this is the system where you order a copy. According to a news release from the Texas Department of Transportation,

“[T]here was unauthorized access to the agency’s network in a ransomware event. TxDOT immediately took steps to isolate the incident and shut down further unauthorized access. In addition, the agency promptly began working with federal law enforcement... to find the individual(s) responsible and prosecute them to the fullest extent of the law.”

REQUESTED UPDATES

On June 15, TxDOT Media Relations replied to my request for more information, explaining, in part,

“We're pleased to report that TxDOT has made significant progress in its remediation and recovery efforts with enhanced security in place. You can now safely reconnect to TxDOT systems. TxDOT continues to work closely with its third-party incident response partners, Microsoft and AT&T, as well as local authorities and the U.S. Federal Bureau of Investigation. TxDOT and its incident response partners have determined and validated that no personally identifiable information or data was copied, transferred or retrieved during the incident.”

Because the TxDOT press release is very light on actual facts and the initial email response piqued my interest about the third-party incident response partners, Microsoft and AT&T, as well as the FBI involvement, I pressed for more information.

This sort of back and forth via email takes time, but usually yields more information. TxDOT Media Relations is not disclosing information about ransom or methods.

QUESTIONS TO ASK

Is the aim of the press release and emails to assure the public that everything is OK? If so, I have to give the responses a low grade. Information is your friend, unless you have something to hide. So, what should the public be told? Basically,

  1. Would hackers know how to hide whether they copied data or not?
  2. In prior attacks on Texas governmental systems (yes, there have been many more before this one), were Microsoft and AT&T also involved with determining whether data was copied or corrupted? If so, who double-checks the work that these two companies are doing?

WHERE TO SEARCH

Usually, emails or calls to higher level department heads would be in order. But, based on experience, they will continue to hold back useful information. If TxDOT reaches out with information after reading this, then that will be shared. After a few quick searches, I found the Texas Department of Information Resources (DIR) website. The DIR handles all information systems for Texas agencies.

In 2013, Texas Senate Bill 1102 modified the state Cybersecurity code chapter by adding three sections. These three sections create the management structure for the Texas Cybersecurity Council. Basically, like many oversight groups, the Texas Cybersecurity Council produces recommendations and guides.

The DIR website explains that every agency and department needs to create its own version of an incident response plan. The DIR’s Incident Response Guide & Templates provides a “framework for organizations in creating their own incident response plans and procedures and should be completed and modified to meet the business needs of the organization.”

FINAL THOUGHTS

Makers of the operating system and the internet service provider should have their work double-checked. Specialists need to independently verify whether there was a data breach and report that to the public.

Transparency is key. Citizens are asked to trust agencies whose immediate response is to withhold information, but trust must be earned. And even if there is trust, keep in mind the translation of a Russian phrase President Reagan kept repeating, “Trust, but verify.”

 

