23 Texas cities slammed with massive ransomware attack

A coordinated ransomware attack struck 23 small cities in Texas on Aug. 16

Texas Governor Greg Abbot ordered a “ Level 2 Escalated Response,” which is one level below an emergency-level response, CNBC reports. State authorities as well as the Federal Bureau of Investigation (FBI) and the Department of Homeland Security are investigating the matter, according to CBS.

Authorities haven’t yet determined who is behind the attack, but the Texas Department of Information Resources believes that a “single threat actor” is behind the attacks, according to the Texas Tribune.

While the Texas Department of Information Resources didn’t name the specific government entities that the attack hit, it noted that most were smaller local governments, the Tribune reports. However, officials of several have spoken publicly about the attack.

Keene, Texas, employees didn’t realize they’d been hit with a ransomware attack until they tried logging onto their computers and saw a jumble of text on their screens, the Los Angeles Times reports. After officials contacted the company that manages its server, they learned that they were one among a few cities that were experiencing such issues.

“We’re not prepared for something like that — most cities in America are not,” Landis Adams, Keene’s spokesman and economic development director, told the Times.

Borger, Texas, issued an official news release on the matter on Aug. 19.

“It makes sense that it’s the smaller towns that are being attacked, because typically their cyber defenses are going to be a lot leaner, budgets are lower, they’re not aware, and they just don’t have the staff to put a framework in place to defend against these kind of attacks,” cybersecurity expert Keith Barthold told CBS DFW.

Ransomware is a type of malware that is usually delivered via email, CNBC reports. Once opened, it locks up an organization’s systems until a ransom is paid to the attackers or until files are recovered by other methods. It can heavily damage hardware and can lead to days or weeks without access to systems.

A May 2019 study from cybersecurity firm Recorded Future found that over 169 ransomware attacks had infected state and local governments since 2013, according to the MIT Technology Review.