22 municipalities in Texas are caught up in a sweeping ransomware attack that has cut city phone lines, snarled payments systems and shut down operations at government agencies.
Texas recently revealed the attack which took place on August 16. So far only two cities have confirmed they are on the list of 22 – Borger and Keene. The cyber attackers are demanding $2.5 million to unlock city systems and restore access to records.
Texas officials have offered little in the way of detail beyond noting that systems are inoperable. The Texas Department of Information Resources issued an update yesterday afternoon that said that state officials were working with local governments to address outages and bring systems back online.
Keene Mayor Gary Heinrich told NPR that the attack came through a software provider.
A report in the Houston Chronicle suggests that the attack came on the heels of internal debates by policymakers and local officials about how to improve the state’s cybersecurity practices. Texas had made the decision to require most public sector agencies and employees to undergo comprehensive cybersecurity training by 2020.
State officials say that the evidence points to a single attacker, which is notable given the scope of the attack. Security researchers say that this is one of the largest single attacks on municipal systems. Other municipalities have recently been attacked including Baltimore, the Georgia court system, a county in Utah and several small cities in Florida. As Civsource reported yesterday, Georgia will be instituting mandatory cybersecurity training for public sector employees as part of its response effort to cyber attacks.