At least 23 towns in Texas cities were targeted with ransomware attacks, according to a report from the Department of Information Resources in the state. The attacks started on a Friday morning in August, and primarily focused on smaller local government entities.
Ransomware is malicious software which locks down a computer or the files on the computer’s storage media until the victim pays the ransom or manages to recover the files by some other method. Ransomware is often delivered via email or if the user unwittingly visits a malicious site or runs an infected executable.
There have been attacks in several states, including Louisiana, Maryland, New York, and Florida, which have collectively cost millions of dollars. Baltimore estimates that the ransomware attack they fell victim to cost them $18.2 million.
It is not clear at this time how much the attack cost officials in Texas. Experts say that the ransomware has left systems offline while the computers are repaired, and this carries with it extra expenses to the community.
The Texas Governor Greg Abbott has ordered a Level 2 out of 4 “Escalated Response” to the attacks. This is the second-highest level, with Level 1 meaning “emergency”. Cybersecurity experts have been deployed to the affected areas to assess the damage and to support the local government entities as they work to get back online. Federal and state agencies are supporting Texas. FEMA, the Texas Military Department, the Department of Homeland Security and the Texas A&M’s Information Technology and Electronic Crime Unit are all involved in the recovery.
Data breaches can be costly for any entity, but the scale of this attack is particularly concerning, and the state is working hard to minimize the disruption for both the state and for the families who are a part of the affected communities.