Ransomware on the Rise: City of Mission hacked
For obvious reasons — an ongoing criminal investigation that presumably includes the FBI, the DPS, other state agencies, legal counsel, etc. — City of Mission officials are staying mum about a cybersecurity event that locked down city records and operations.
Initially described as a “cybersecurity incident” last Tuesday (March 4) by Mission Mayor Norie Gonzalez Garza, the city still hasn’t disclosed if it was simply a malicious act or ransomware, whereby hackers, usually based outside the U.S., infect a city’s IT (information tech) with a virus that basically locks down a city’s entire ability to function. To varying degrees. No access to birth certificates, problems with access to other city departments.
To get back the info, gain access to what it had stored on the cloud, the city must pay a ransom, usually in the form of Bitcoin, to the unknown hacker.
A malicious IT attack, on the other hand, is just looking to create chaos, as opposed to making money.
In her letter to Texas Governor Greg Abbott dated March 4, the Mission mayor wrote: “The City of Mission, Texas, has suffered a cybersecurity incident such that the entire City computer server is at severe risk of a cyberattack that could release protected personal information, protected health information, civil and criminal records, and/or any and all other data held by the City of Mission and all departments within the City.” As such, she wrote, the mayor was asking the governor to declare a state of emergency for Mission and all departments of the city, which would make available both money and IT personnel to help deal with the matter.
AI Makes it Worse
There is no doubt that ransomware attacks are growing more numerous. A simple scan of a search engine will prove that to be the case.
In 2023, hackers knee deep in ransomware, for the first time, exceeded $1 billion in ransom payments. (Source: chainanalysis. com.)
Four years ago, 2021, the FBI reported that ransom attacks saw an increase of 62 percent from the previous year.
With the advent of AI (artificial intelligence), the attacks have grown more numerous and more difficult to combat in a proactive manner.
The reason why ransomware attacks are increasing include multiple factors, according to Cities Today (cities-today.com):
Remote work: The shift to remote work in 2020 led to a surge in cyberattacks.
Sophisticated attacks: Attackers are using AI and automation to make their attacks more complex.
Extortion-only attacks: Attackers are combining ransomware and extortion to increase payouts.
All of which steal from a city’s time, human assets, resources, tax revenue.
According to an internal memo sent to city employees last Tuesday (March 4) from Mission City Manager Mike Perez and the city’s HR department: “We recently experienced a security incident that has impacted our network systems. This security incident has required us to shut down parts of our network as we remediate this issue. As a result, some of our IT assets may not be fully available.”
On Saturday, March 1, Texas Attorney General Ken Paxton sent out an email labeled, City of Mission Catastrophe Notice, which read in part:
“On Friday, February 28, 2025, at approximately 2:00 a.m., the City of Mission’s entire computer network suffered a cybersecurity incident such that the City’s entire server and back up servers have been encrypted by ransomware. The City is unable to access any of its records at this time, including birth certificates, police reports, contracts, personnel files, to name a few. The breach has affected every single City Department. The City is thus unable to comply with the Public Information Act’s requirements at this time. The City is working to regain access to its files, but in the meantime is declaring a disaster due to the breach.”
It’s a disaster from a brain-drain standpoint, but one that will be fixed. This week, the city was still working on a remedy.
Question is, how much will Mission have to pay to get back the city data stolen from its space on the cloud? Assuming, that AG Paxton knew what he was talking about when he described Mission’s dilemma as “ransomware” in his Feb. 28 memo.
Finally, in an ironic sort of way, the AI technology being used by hackers to install ransomware or malware on computer systems already protected with high-dollar cybersecurity safeguards is running into a problem: AI software developed to combat criminals.
According to an IT company named InterVision Systems, “AI’s ability to learn and adapt makes it a powerful tool against ransomware. It can analyze vast amounts of data, identify patterns, and make predictions, enhancing threat detection and response capabilities, as demonstrated in innovative solutions from InterVision.”
