Cybersecurity experts have been deployed by the state to assess the damage from a “coordinated ransomware attack” that struck 23 Texas cities on Friday, state officials said.
Investigators hadn’t determined the origin of the attacks as of Friday evening and were still working to bring cities’ systems back online, according to a news release from the Texas Department of Information Resources. The department believes, however, that the attacks came from a “single threat actor.”
Ransomware attacks involve a type of malware that accesses an organization’s files, locks and encrypts them until a ransom is paid to get them back. The malicious software is often delivered through email attachments or links, and has cost cities across the country millions in damage to computer hardware.
The department declined to name the specific cities that were attacked, but said the majority were smaller local governments.
On Friday, Texas Gov. Greg Abbott ordered a “Level 2 Escalated Response” to the attacks, one step below the Texas Division of Emergency Management’s highest level of alert. The designation means the emergency is beyond the scope of local responders.
The Texas ransomware incidents follow recent attacks in other states including Florida, Maryland and New York.