Texas is no stranger to cyberattacks. In fact, an Austin-based company was at the center of one of the worst hacks in American history. The latest concerning trend is ransomware, where a hacker infiltrates a computer or network and locks out the victim until they pay a ransom. With ransomware on the rise across the world, it is affecting Texas in disturbing ways.
The most dramatic example occurred in May of this year, when Colonial Pipeline was taken offline by ransomware. The pipeline, which runs from Houston to New York, was down for five days, causing fuel shortages on the East Coast. Less than a month later, meat processing giant JBS S.A. was hit by ransomware, causing the company to shut down its beef plants in East Texas and elsewhere. These kinds of attacks are particularly concerning as they disrupt “critical infrastructure” and have serious ramifications beyond cyberspace.
While major incidents involving critical infrastructure are a big concern, smaller ransomware attacks cause plenty of problems as well. The Associated Press recently published a report on a 2019 ransomware attack that disrupted government services in small cities and towns across Texas. In all, 22 municipalities in Texas were hacked, including one unidentified city in North Texas that lost access to the human-machine interface of its water system and had to operate it manually. Even Sheppard Air Force Base was affected. Fortunately, the situation was resolved without paying the ransom.
Hospitals and other healthcare facilities are also frequent targets of ransomware. In fact, Texas ranks second in healthcare ransomware attacks. From 2016-2019, Texas suffered 14 such incidents that affected 483,300 people and cost up to $19.6 million in downtime.
One major driver behind the explosion of ransomware is the emergence of cryptocurrencies like Bitcoin. Cryptocurrency allows large sums of money to be moved in a way that’s fast, pseudonymous, and difficult (but not impossible) to trace, making it an ideal method for ransomware perpetrators to receive payment.
Texas in particular needs to be vigilant against ransomware and other malicious cyber activity. As the energy capital of the United States, cyber attacks in Texas can affect the rest of the country, something clearly demonstrated by the Colonial Pipeline incident. If hackers take down refineries, pipelines, and other energy infrastructure in Texas, the ripple effects will be felt far beyond the state.
Ransomware is not an easy problem to address. One potential solution is to go on the offensive and hack the hackers. Indeed, this is what the FBI did to retrieve some of the money that hackers extorted from Colonial Pipeline. The Biden administration is also considering non-cyber ways of punishing those that engage in ransomware, such as economic sanctions. The hope is that those who might want to hack American businesses and government institutions will be deterred from doing so if they have to pay a price. However, the United States still suffers from ransomware and other cyber malfeasance in spite of having the best offensive cyber capabilities in the world, so it’s clear that offense alone isn’t the solution. A mix of offense and defense will be needed to address the problem.
Many are looking to a new security architecture called “zero-trust” in the hopes of countering ransomware. With traditional cybersecurity, anyone inside the network is generally trusted, meaning hackers can run rampant once they’re past the perimeter. In contrast, zero-trust does not automatically trust anyone on the inside or outside and continuously verifies every user. The approach is even being embraced by the Pentagon.
Regardless of what the solution is, the recent series of ransomware attacks has made one thing clear: Texas finds itself in an increasingly dangerous reality.