A coordinated ransomware attack struck 22 towns in Texas, an indication that the common cyberattack is being taken to new heights.
The attack comes just weeks after four leading government technology organizations called on state and local governments to do more to combat the threat of ransomware.
The attack began on the morning of Aug. 16, according to The New York Times, and the virus “appeared to affect certain agencies in the 22 towns, not entire government computer systems,” the newspaper reported.
While there are commonalities among the affected towns, details were sparse as to what linked them. The state’s Department of Information Resources described the attacker only as “one single threat actor.” The DIR says investigations into the origin of the attack are ongoing, and that more than a quarter of the impacted entities have “transitioned from response and assessment to remediation and recovery, with a number of entities back to operations as usual.”
Keene Mayor Gary Heinrich told NPR that the hackers attacked IT software used by the city and managed by an outsourced company. That vendor also provided services to many of the other towns hit in the attack, he said. Heinrich said the hackers want a total ransom of $2.5 million to unlock all of the systems.
Elliott Sprehe, a spokesman for the information resources department, declined to tell the Times if any of the towns had paid up. “It’s limited to just a handful of areas,” he said. “It’s not disparate throughout the state.”
The attack represents an escalation in ransomware attacks, according to some security researchers. “We have seen ransomware groups go after multiple municipalities, but always one at a time,” Allan Liska, an analyst at Recorded Future told StateScoop on Tuesday. “This is the first time we have seen a simultaneous attack like this.”