August 20, 2019
Ransomware attack hits more than 20 Texas local governments
More than 20 local governments in Texas are facing a coordinated ransomware attack, authorities said.
The Texas Department of Information Resources said in a statement Saturday that it believes a single source is behind all 23 of the attacks. It didn't name the affected cities or provide details about the attacker's demands.
Texas and federal agencies, including the Department of Homeland Security and the FBI, are working with the affected cities to try and restore their access.
The attack in Texas is similar to other ransomware attacks that have crippled digital operations in cities around the country in recent years, Elliott Sprehe, a department spokesman, said Tuesday.
"Once it's activated, your computer system is effectively locked from use until you pay that ransom as requested," he said.
In Keene, a community of about 6,000 people about 45 miles (72 kilometers) southwest of Dallas, the attack took down all municipal computers and left the city unable to process credit card payments, said Landis Adams, the city's economic development director.
City staff first noticed server problems early Friday morning and the computers of its roughly 50 employees have been unusable since, he said.
Adams said he didn't know what the attacker demanded and that he couldn't provide much detail because of the ongoing investigation. Keene residents can still pay bills in person at city offices and the public works department is manually monitoring the municipal water system as a precaution, he said.
He said the attack thus far has affected staff more than residents, but that he has "absolutely no idea" when it will be resolved.
The Panhandle city of Borger said in a statement posted on Facebook that the attack on its computers took place Friday and prevented city workers from accepting payments and accessing vital records, including birth and death certificates. Police, fire and 911 services were not affected and city officials don't believe any credit card or personal information was compromised. City officials did not immediately reply to Tuesday messages seeking comment.
An FBI spokeswoman declined to comment on the investigation.
Trying to prevent such attacks is "a continual cat-and-mouse game" for governments of all sizes, Sprehe said.
Ransomware often spreads through emails containing malicious links or attachments or by visiting a compromised website. According to the FBI, more than 1,400 ransomware attacks were reported last year and victims reported paying $3.6 million to hackers.
Among the U.S. cities that have been targeted by ransomware attacks is Baltimore , where officials refused a demand for about $76,000 in bitcoin to restore access to its computer network. Federal prosecutors last year indicted two Iranian men for ransomware attacks on more than 200 victims, including the cities of Atlanta and Newark, N.J., that netted them more than $6 million and cost the affected governments and companies more than $30 million.
Several Florida cities in June paid hundreds of thousands of dollars to hackers who encrypted records, disabled their email systems and blocked their ability to pay employees and vendors via direct deposit.
Sprehe said he didn't know whether any of the affected Texas municipalities have or plan to cave to the attacker's ransom demand.
© 2019 The Associated Press. All rights reserved.