A few rocket attacks on U.S. military bases is one thing.
10,000 cyber attacks on the infrastructure of the U.S.’s second-largest state is quite another.
And that’s per minute.
Texas Gov. Greg Abbott diverted from the theme of Tuesday’s closed-door round table of the newly created Domestic Terrorism Task Force, which Abbott formed after last year’s mass shooting in El Paso which targeted Hispanics.
Citing information from the state’s Department of Information Resources, Abbott said the attacks are confirmed to have originated from Iran and have been on the increase over the past two days.
Ayatollah Ali Khamenei vowed to retaliate against the U.S. after President Donald Trump killed Iranian Gen. Qassim Suleimani via a drone strike in response to orchestrated violent protests on the U.S. embassy in Iraq.
Cyber attacks from rogue nations are certainly nothing new — billions of such attacks, the overwhelming majority of which are unsuccessful, happen per year. These attacks on Texas are likely automated probes into state IT systems taking place across the U.S. Regardless, tech security experts and Gov. Abbott alike are urging Americans to be on guard as tensions with Iran continue to rise.
No lives were lost in the suspected Iranian rocket attacks. Only one agency reported a compromised website but staff suspect it was part of a hacking challenge and not an Iranian attack.
What can be done?
The Texas Department of Information Resources put together a list of “cybersecurity best practices” urging Texas state agencies to use “good cyber hygiene.” Below is the text:
- Do not open suspicious or unexpected links or attachments in emails.
- Hover over hyperlinks in emails to verify they are going to the anticipated site.
- Be aware of malicious actors attempting to impersonate legitimate staff, and check the email sender name against the sender’s email address.
- Use unique strong passwords or pass-phrases for all accounts.
- Do not provide personal or organizational information unless you are certain of the requestor’s authority, identity, and legitimacy.
- Alert your IT staff or supervisor if you have any concerns about the legitimacy of any email, attachment, or link.
- Take advantage of available cybersecurity awareness training.