Centralized Incident Response System Set Up in Advance Credited for Texas’ Recovery After Ransomware Attack

Despite the ransomware attacks in Texas representing the largest coordinated attack on government entities, the cooperation of federal, state, and local resources characterizes effective incident response – an effective and efficient response that would have never been possible if the system was not set up in advance. An article posted in HSToday, What Incident Responders Can Learn from the Lilu Ransomware Attacks on Texas Government Entities, covers valuable lessons learned from the attacks on 16 August 2019. Most notable, over the past several years, the state has created a system centralizing incident response, so security and IT staff in the towns under attack knew who to call to get immediate help. Entities involved in the coordinated effort: Texas state, FBI, Texas Department of Information Resources, National Guard in Texas, U.S. Secret Service’s San Antonio office, and the Department of Homeland Security. This coordination is a valuable lesson in the importance of proactive, preestablished incident response procedures in limiting damage from an otherwise devastating incident. Read the post at Homeland Security Today.