Archive for Texas

Texas responds to “dramatic” rise in attacks with cyber command center

Posted in Commentary with tags on February 4, 2025 by itnerd

Governor Greg Abbott announced in a State of the State address on Sunday that Texas, in partnership with University of San Antonio, will soon launch the Texas Cyber Command to deploy “cutting edge capabilities” to strengthen the state’s ability to anticipate, detect and prevent cyberattacks.

  “The Texas Cyber Command will work in partnership and collaborate with all state universities and Regional Security Operation Centers, as well as local, state, and federal agencies to strengthen the state’s cybersecurity mission,” reads the press release.

The Cyber Command will create a “robust strategy” including:

  • Anticipating and detect potential cyber threats
  • Promoting cybersecurity awareness, professional training, and other workforce-oriented measures
  • Preparing for cyberattacks through exercises, pre-attack coordination and planning, and proactive collaboration with critical infrastructure partners
  • Defending against, responding effectively to, and mitigating the effects of cyberattacks when they occur, working across the state and with relevant partners
  • Providing subject matter expertise, forensic analysis, and other support to conduct post-attack investigations and recovery efforts

The move to launch the statewide cybersecurity command center comes after the state’s Matagorda County government suffered a cyberattack that forced officials from the Emergency Operation Center to declare a disaster.

In 2022, the University of San Antonio joined the US Cyber Command Academic Engagement Network, which works with the Department of Defense on cyberspace operations and capabilities, cyber expertise, and cyber warfare.

Evan Dornbush, former NSA cybersecurity expert, offers perspective on the matter:

  “From a political lens, it’s pretty fascinating that of all places Texas would be one of the first to promote a state-based government resource that the private sector can lean on, and I look forward to seeing how that plays out.

  “From the technical angle, and with a stated goal to anticipate and detect potential cyber threats, Texas is pretty qualified to pioneer this. A lot of talent is concentrated within, and pulling from its deep bench of military, academic, and private sector perspectives will be advantages to getting this off the ground.”

It’s interesting that Texas would be making a move like this as I don’t associate Texas with cybersecurity. I have to applaud them for doing this and I hope Texas does more of this.

Leave a comment »

Texas Tech University Health Sciences Center Pwned As Part Of A Larger Event…. Up To Two Million Patients Affected

Posted in Commentary with tags , on June 17, 2022 by itnerd

Texas Tech University Health Sciences Center has confirmed that the protected health information of 1,290,104 patients was compromised in a data breach at its electronic medical record vendor, Eye Care Leaders.

Eye Care Leaders said it detected a breach on Dec. 4, 2021, and disabled the affected systems within 24 hours. Texas Tech University Health Sciences Center said it received the final results of the forensic investigation on April 19, 2022. The compromised information included the following data elements: name, address, phone numbers, driver’s license number, email, gender, date of birth, medical record number, health insurance information, appointment information, social security number, as well as medical information related to ophthalmology services. No evidence of data exfiltration was found. But I’ll point out that it doesn’t mean that it didn’t happen. It just means that there’s no proof that it did.

Over the past few weeks, the number of eye care providers known to have been affected by the Eye Care Leaders data breach has been growing. At least 20 eye care providers have confirmed they have been affected and the protected health information of at least 1.9 million patients is known to have been exposed.

As the value of stolen credit cards has gone down in value, the value of health records has gone up.  With a complex web of interconnected providers in the healthcare space, many being small businesses, its impossible for the security safeguards in HIPAA to be fully maintained across the board.  That said, a breach at an Electronic Healthcare Records provider is especially concerning, as these are the types of vendors those small mom and pops rely on to provide more secure solutions than they could build on their own.

It’s commendable that they had their own incident response team that did detect a breach rather than it being reported by a 3rd party…a good sign that they are doing the right things.  For those who haven’t been through an investigation like this before, it is worth noting that there are many reasons that “no evidence of data being exfiltrated” could be found.  Very often logs that would have showed evidence aren’t kept for long enough…or at all.  If forensics teams don’t have the right data to work form, it becomes impossible to prove an exfiltration.  And there will be legal and executive pressure to state that no evidence was found in the absence of clear data that it was.  In short, anyone who was part of this breach still might be well off to scrutinize their bills closely, and be prepared to find healthcare services procured in their name at some later date, unfortunately.

We’ll have to see how bad this breach is. Starting with info showing up on the dark web which would be a sign that data was stolen. You might want to stay tuned to this one as I suspect I may be providing an update.

Leave a comment »

Texas Proposes Ban On Windows Vista Inside The State Government….. Ballmer Throws Another Chair In Anger

Posted in Commentary with tags , , on April 3, 2009 by itnerd

The Texas state Senate yesterday gave preliminary approval to a state budget that includes a provision forbidding government agencies from upgrading to Windows Vista without written consent of the legislature. Why do this? I’ll let Sen. Juan Hinojosa, vice chairman of the Finance Committee explain:

“We are not in any way, shape or form trying to pick on Microsoft, but the problems with this particular [operating] system are known nationwide,”

and:

“And the XP operating system is working very well.”

Not to mention:

“The reason we are so vendor-specific is because Microsoft has a monopoly on government PCs.”

Needless to say Microsoft isn’t very happy about this. According to a Microsoft sock puppet spokesperson:

“We’re surprised that the Texas Senate Finance Committee adopted a rider which, in effect, singles out a specific corporation and product for unequal treatment. We hope as the budget continues to go through the process, this language will be removed.”

This still has to get past the Texas of Representatives and then be reconciled into a single bill, so this rider could disappear somewhere along the line. But this has got to be embarrassing to Microsoft.

In the meantime, Microsoft employees should be on the lookout for flying chairs.

Leave a comment »