More than 20 local governments in Texas are facing a coordinated ransomware attack, authorities said.
The Texas Department of Information Resources said in a statement Saturday that it believes a single source is behind all 23 of the attacks. It didn't name the affected cities or provide details about the attacker's demands.
Texas and federal agencies, including the Department of Homeland Security and the FBI, are working with the affected cities to try and restore their access.
The attack in Texas is similar to other ransomware attacks that have crippled digital operations in cities around the country in recent years, Elliott Sprehe, a department spokesman, said Tuesday.
“Once it's activated, your computer system is effectively locked from use until you pay that ransom as requested,” he said.
Trying to prevent similar attacks is “a continual cat-and-mouse game” for governments of all sizes, Sprehe said.
Ransomware often spreads through emails containing malicious links or attachments or by a user visiting a compromised website.
Among the U.S. cities that have been targeted by ransomware attacks is Baltimore, Maryland, where officials refused a demand for about $76,000 in bitcoin to restore access to its computer network. Federal prosecutors last year indicted two Iranian men for ransomware attacks on more than 200 victims, including the cities of Atlanta, Georgia, and Newark, New Jersey, that netted them more than $6 million and cost the affected governments and companies more than $30 million.
Several Florida cities in June paid hundreds of thousands of dollars to hackers who encrypted records, disabled their email systems and blocked their ability to pay employees and vendors via direct deposit.
Sprehe said he didn't know whether any of the affected Texas municipalities have or plan to cave to the attacker's ransom demand.