A coordinated ransomware attack took down systems operated by 23 entities in Texas on Friday, state authorities said Saturday. State agencies were working Saturday to restore the affected systems, the majority of which belong to small, local governments.
“At this time, the evidence gathered indicates the attacks came from one single threat actor,” the Texas Department of Information Resources said in a statement Saturday. “Investigations into the origin of this attack are ongoing; however, response and recovery are the priority at this time.”
Ransomware is malicious software that can lock up your files until you send hackers a ransom payment. It featured in the WannaCry attacks in May and the NotPetya attacks in 2017, both of which swept through hospitals, banks and governments in several countries.
The US Conference of Mayors said in July that there have been 22 ransomware attacks on city, county and state governments so far this year. Hackers paralyzed government computers in Albany, New York, in April. Then in June, hackers targeted two Florida cities: Lake City and Rivera Beach. The city councils in both Florida cities agreed to pay ransoms that added up to more than $1 million.
The identities of the affected agencies weren’t revealed, nor was the size of the ransom, but authorities said systems operated by the state of Texas weren’t affected. The FBI and Department of Homeland Security are assisting various Texas agencies in the investigation.
The DIR didn’t immediately respond to a request for more information.