Texas’ Department of Information Resources (DIR) launched an investigation into the attacks once they learned of the incident this week. Based on the collected evidence, cyber security officials suspect the attacks to be orchestrated by a single person where the bad actor encrypted files and appended the .JSE extension to the encrypted files.
For security reasons, the impacted entities are not revealed. However, a spokesman said the majority of impacted government entities were smaller entities and investigation into the attacks are ongoing and that response and recovery are the priority at this time.
DIS with the help of the Texas Military Department and the Texas A&M University System’s Cyberresponse and Security Operations Center teams are deploying resources to help recover their systems and bring them back online.