Cybersecurity, Ransomware and Tyler Tech

In this day and age, everyone and business is a target. If you have data, or your operation can be leveraged by shutting people out, which is nearly every business, you are a target. One of these is Tyler Technologies. This is a Texas-based company located in Plano. The company claims to be the largest provider of software and technology services to the public government. The company sells a wide range of services to state and local governments. A few of their products are appraisal and tax software, integrated software for courts and justice systems, enterprise financial software systems, public safety software, records/document management software, and others. The company is very large and is publicly traded as TYL. There is an estimated 5,300 – 5,500 with 2019 revenues of over $1B. Their website is tylertech.com. Their clients consist of over 15k government offices. The clients are based in the US, Canada, the Caribbean, and Australia.

Attack

The company was aware of an issue on September 23, 2020. This appears to have been a ransomware attack. The sources noted the RansomExx ransomware group did this attack. This group has also been linked to the recent attacks on the Texas Department of Transportation and Konica Minolta attacks. The system was successfully attacked and compromised. On the bright side, this does appear to be limited to the internal systems for the phone and IT systems, versus every system. Unfortunately, the details of the attack were not released, however, this does appear to be a ransomware attack.

Post-Detection

The company discovered the unauthorized user on the system. In a prudent move, they shut down the points of access to external systems. This was done out of an abundance of caution. This kept the attackers from pivoting into other areas. After this, they immediately began the investigation. The company contracted with third-party IT security and forensic experts. They focused on conducting a complete review. As a result of this, they also implemented enhanced monitoring systems to verify this activity did not continue. They also contacted law enforcement.

Effected

The company does not believe any of its client data, client services, or hosted systems were affected. With certain systems shut down, the local government’s client’s did not have access to certain services (e.g. paying their water bill or court payments online). Ironically, Tyler Tech had used the threat of ransomware as a selling point for many of its services. This included the ransomware survival guide and the ransomware incident response checklist. Apparently,

Lessons

You have to maintain a cyber vigilance. That is our environment. The employees still need the training to recognize ransomware and cybersecurity is everyone’s problem. When you under-estimate the attacker’s tenacity, you probably won’t like the results. Employee training needs to be on-going throughout the year, not only as part of the mandatory training. When you don’t emphasize the importance of the employee’s role with keeping the business safe, their focus will lapse and you’ll be in the news feed, using your own ransomware response guides.

Resources

Abrams, L. (2020, September 23). Government software provider tyler technologies hit by ransomware. Retrieved from https://www.bleepingcomputer.com/news/security/government-software-provider-tyler-technologies-hit-by-ransomware/

Bizga, A. (2020, September). Government services firm tyler technologies hit by ransomware. Retrieved from https://hotforsecurity.bitdefender.com/blog/government-services-firm-tyler-technologies-hit-by-ransomware-24193.html

Johnson, O. (2020, September 23). Tyler technologies suffers apparent ransomware attack. Retrieved from https://www.crn.com/news/security/tyler-technologies-suffers-apparent-ransomware-attack?itc=refresh

Kovacs, E. (2020, September 24). Government software provider tyler technologies hit by possible ransomware attack. Retrieved from https://www.securityweek.com/government-software-provider-tyler-technologies-hit-possible-ransomware-attack

Krebs, B. (2020, September 23). Govt. services firm tyler technologies hit in apparent ransomware attack. Retrieved from https://krebsonsecurity.com/2020/09/govt-services-firm-tyler-technologies-hit-in-apparent-ransomware-attack/

Menn, J. (2020, September 23). Software vendor tyler technologies tells U.S. local government clients it was hacked. Retrieved from https://www.reuters.com/article/idUSL2NZGK25A?utm_medium=Social

Tyler Technologies. (n.d.). Website unavailable. Retrieved from https://www.tylertech.com/DesktopModules/EasyDNNNews/DocumentDownload.ashx


Featured Posts
Posts are coming soon
Stay tuned...
Recent Posts
Archive
Search By Tags
No tags yet.
Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square