When you have a consumer complaint, it’s better to call Harry! When personally identifiable information (PII) is exposed, lost, stolen or misplaced, where can individuals go for answers-the Internet?  The latest malware-ransomware controversy in Texas has Trey Blocker twiddling his thumbs.  Jones’ article reports the malware event as:  (1) an employee state-issued laptop was attacked by ransomware and the date of incident was on October 26, 2017; (2) the Texas Department of Agriculture (TDA) notifies school district on or about November 22, 2017; (3) thirty-nine schools districts, including 5 in Denton County,  in Texas were affected; and, (4) more than 700 students PII were exposed.  These events are similar to TDA’s security notice post on October 26, 2017.  There are key differences addressed in Jones’ article and not in TDA’s internet security notice but in its PDF.  The first key difference is students (who were affected) were exposed to acquisition by an unauthorized person, which leads one to think someone other than the employee had accessed the laptop.  Secondly, the students affected, if have email, would be contacted.  Other methods of contact are TDA’s website and state wide media broadcasts, the latter is found in TDA’s security notice PDF.  Referring to What’s New hyperlinks, there is no October 2017 dated hyperlink. The below image is a snapshot of TDA’s current website. Other dated hyperlinks, before or after October, are January 2018 and August 2017- indistinct coincidental.

Selby’s article is independent of Jones’ article and refers extensively to Trey Blocker complaint, a candidate for the position of Texas AG Commissioner.   Blocker may have a legitimate cyber security concern, putting politics aside for 27-32 days. These are the typical notification days (27-32) for cyber security incidents according to Lance Hayden who teaches in the University of Texas School of Information. According to Douglas’ White Paper Cyber Dwell Time and Lateral Movement: The New Cyber Security Blueprint, dwell time begins when an attacker enters your network and continues until you eject them or they leave.  How does an unauthorized person gain access to the state-issued laptop? The question was never addressed in Jones’ article.  I am sorry about the confusion. It’s my bad.  The employee clicked an unauthorized link. The employee’s laptop was probed by malware-not ransomware- after the employee clicked a dangerous link according to Mark Loeffler, spokesman for TDA, who had been quoted in Selby’s article PolitiFact: Did state wait too long to warn of hack?  Was it malware or ransomware, Harry?

^{Resources:
Douglas, J. C., “Cyber Dwell Time and Lateral Movement: The New Cyber Security Blueprint.”  Raytheon, https//www.raytheon.com/capabilities/rtnwcm/groups/cyber/documents/content/rtn_269210.pdf. Accessed 07 February 2018.
GitHub Inc. https//github.com/vz-risk/VCDB/issues/10916. Accessed 06 February 2018.
Jones, C. “Five Denton County schools impacted by agency data breach.” 07 December 2017, Dentonrc.com,http//www.dentonrc.com/news/news/2017/12/07/five-denton-county-schools-impacted-state-agency-data-breach. Accessed 07 February 2018.
Kseven! Hold on! Let me take a…  04 March 2011. Flickr.com, https//www.flickr.com/photos/kseven9/8356407429/. Accessed 07 February 2018.
Selby, W.G. “PolitiFact: Did state wait too long to warn of hack?” 04 February 2018, MyStatesman.com, http//www.mystatesman.com/news/state–regional-govt–politics/politifact-did-state-wait-too-long-warn-hack/dKHoEqkwCKR25WbvFOpqNO/. Accessed. 06 February 2018.
Texas Department of Agriculture. “Security Notice.” 26 October 2017, What’s New, Texas Department of Agriculture, http//www.squaremeals.org/News/WhatsNew/tabid/1898/Article/2842/SECURITY-NOTICE.aspx. Accessed 07 February 2018.
Texas Department of Agriculture. “Summary of Ransomware Attack Incident and Recommended Action.” 26 October 2017, Texas Department of Agriculture, http//www.squaremeals.org/Portals/8/files/News/TDA%20%20Ransomware%20Exploit%20notice%20update3.pdf. Accessed 07 February 2018.}