“Coordinated cyberattack” on several Texas cities

That doesn’t sound good.

Twenty-three Texas towns have been struck by a “coordinated” ransomware attack, according to the state’s Department of Information Resources.

Ransomware is a type of malicious software, often delivered via email, that locks up an organization’s systems until a ransom is paid or files are recovered by other means. In many cases, ransomware significantly damages computer hardware and linked machinery and leads to days or weeks with systems offline, which is why it can be so costly to cities.

According to a weekend update by the Texas DIR, the attacks started Friday morning and though the locations aren’t named, “the majority of these entities were smaller local governments.”

Texas Governor Greg Abbott ordered a “Level 2 Escalated Response” on Friday following the incident, according to a statement from Governor’s Office deputy press secretary Nan Tolson. This response level, determined by the state’s Department of Emergency Management, is part of a four-step response protocol, and is one step below the highest level of alert, level 1 or “emergency.”

According to state emergency management planning guide, this means “the scope of the emergency has expanded beyond that which can be handled by local responders. Normal state and local government operations may be impaired.”

In addition to the state and local agencies assisting with the response, “Governor Abbott is also deploying cybersecurity experts to affected areas in order to assess damage and help bring local government entities back online,” Tolson said.

This NPR story has more details.

The Federal Bureau of Investigation and state cybersecurity experts are examining the ongoing breach, which began Friday morning and has affected mostly smaller local governments. Officials have not disclosed which specific places are affected.

Investigators have also not yet identified who or what is behind the attack that took the systems offline, but the Texas Department of Information Resources says the evidence so far points to “one single threat actor.”

Elliott Sprehe, a spokesman for the department, said he was “not aware” of any of the cities having paid the undisclosed ransom sought by hackers. He said the areas impacted are predominantly rural. The department initially put the number of cities attacked at 23.

Two cities so far have come forward to say their computer systems were affected. Officials in Borger in the Texas Panhandle, said the attack has affected city business and financial operations. Birth and death certificates are not available online, and the city can’t accept utility payments from any of its 13,25o residents. “Responders have not yet established a time-frame for when full, normal operations will be restored,” city officials said.


Experts say that while government agencies have increasingly been hit by cyberattacks, simultaneously targeting nearly two dozen cities represents a new kind of cyberassault.

“What’s unique about this attack and something we hadn’t seen before is how coordinated attack this attack is,” said threat intelligence analyst Allan Liska. “It does present a new front in the ransomware attack,” he said. “It absolutely is the largest coordinated attack we’ve seen.”

Liska’s research firm, Recorded Future, has found that ransomware attacks aimed at state and local government have been on the rise, finding at least 169 examples of hackers breaking into government computer systems since 2013. There have been more than 60 already this year, he said.

The city of Keene, near Fort Worth, was also hit, and their Mayor said the attack came via their IT provider, as these small towns outsource that task since they don’t have sufficient resources to do it themselves. This is a real problem that’s going to keep happening, and we really should put more money and effort into fighting against it at a state and national level. Good luck to all involved in cleaning up the mess. A more recent statement from the Texas DIR is here, and the Star-Telegram, the Chron, and the Trib have more.

Related Posts:

This entry was posted in Technology, science, and math and tagged , , , , , . Bookmark the permalink.

5 Responses to “Coordinated cyberattack” on several Texas cities

  1. Bill Daniels says:

    This really pisses me off. Surely our federal government with all of its spying capability can determine where these attacks are coming from. If this isn’t War on Terror related, I don’t know what is. As usual (LOL), I have the solution to stopping this kind of thing.

    Drone strikes.

    I’d also like to see this done to the Indian scammers who call Americans from “Microsoft.” I apparently have gotten on a scammer list because I have Indian people call every few days claiming to be from local pain clinics of varying names. Not sure what the scam actually is, because I never actually get that far. The readers here can only imagine the vile filth I shout at them before hanging up the phone, but they still keep calling, with spoofed caller ID. Maybe they are just lonely cucks that like to be verbally abused by redneck Americans? I’m happy to oblige the idiot harijans that should be scrubbing toilets instead of wasting my time.

  2. I’m quite sure they know where the attacks are coming from. They’re not ready to make that public, for a variety of reasons, but they know what the source of the attacks is.

  3. Bill Daniels says:

    I hope you’re right, Kuff. The thing is, our response needs to be public, and brutal. These stories come and go, and we never really hear the resolution….what happened. Sometimes, our municipalities, and hospitals report that they actually pay. Americans should never be held hostage by foreign scammers.

  4. C.L. says:

    Americans should never be held hostage by domestic scammers.

  5. Bill Daniels says:

    “Americans should never be held hostage by domestic scammers.”

    I agree with that, too, but I’m not advocating for drone strikes on American citizen scammers. I’d settle for Roger Stone level raids on American citizen scammers…..military style raids, complete with automatic weapons, helicopters, boats, and frogmen. CNN reporters optional.

    And they should be prosecuted as terrorists, especially the ones that prey on the elderly.

Comments are closed.