Govt. Services firm Tyler Technologies hit in apparent ransomware attack – Krebs on Security


Technologies Tyler, a Texas-based company touting itself as the largest provider of US public sector software and technology services, is battling a network intrusion that has disrupted its operations. The company has declined to discuss the exact cause of the disruption, but its response so far has come straight out of the playbook to respond to ransomware incidents.

Plano, au Texas, Tyler Technologies [NYSE:TYL] has some 5,300 employees and generated revenues of over $ 1 billion in 2019. It sells a wide range of services to state and local governments, including valuation and tax software, integrated software for courts and justice agencies, corporate financial software systems, public safety software, case / document management software solutions and transportation software solutions for schools.

Earlier in the day, the normal content on has been replaced with a notice that the site is offline. In a statement provided to KrebsOnSecurity after central time markets closed, Tyler Tech said early this morning that the company became aware that an unauthorized intruder had gained access to its phone and technology systems. information.

“Upon discovery and out of caution, we closed the access points to external systems and immediately began investigating and resolving the issue,” said Tyler, Chief Information Officer Matt Bieri said. “Since then, we have engaged outside IT security and forensics experts to perform a detailed examination and help us safely restore the affected equipment. We are implementing improved surveillance systems and have notified law enforcement. ”

“At present and on the basis of the evidence available to us to date, everything indicates that the impact of this incident is limited to our internal network and our telephone systems,” their statement continued. “We currently have no reason to believe that customer data, customer servers, or hosted systems have been affected.”

While it may be heartwarming to hear that last tune, the reality is that the company’s investigation is still early. In addition, ransomware has gone well beyond simply holding a victim’s computer systems hostage in exchange for extortion payment: these days, ransomware vendors are going to offload as much personal and financial data as they are. they can first release their malware and then often demand a second ransom payment in exchange for a promise to remove the stolen information or refrain from posting it online.

Tyler Technologies declined to comment on how the intrusion affects its customers. But several readers who work in IT roles in local government systems that depend on Tyler Tech said the outage disrupted people’s ability to pay their water bills or court payments.

“Tyler has access to a lot of these servers in cities and counties for remote assistance, so he was very careful of them to keep everyone in the dark and maybe exposed if attackers got away. were pulling with remote media credentials while waiting for the stock exchange to close, ”said one reader who requested to remain anonymous.

Depending on how long it takes Tyler to recover from this incident, this could have a significant impact on the ability of many states and localities to process payments for services or provide various government resources online.

Tyler Tech has pivoted on the threat of ransomware as a selling point for many of its services, using its social media presence to promote ransomware survival guides and incident response checklists. Hopefully, the company was following some of its own advice and will weather this storm quickly.

Tags: ransomware, Tyler Technologies,


Please enter your comment!
Please enter your name here