AUSTIN, Texas (CN) – A ransomware cyberattack took down the systems of 23 local governments in Texas, state officials said over the weekend.
The Texas Department of Information Resources said the attack came Friday morning, with most of the targets being “small local” governments it did not identify. It said no statewide systems or networks were affected.
“At this time, the evidence gathered indicates the attacks came from one single threat actor,” the agency said in a statement. “Investigations into the origin of this attack are ongoing; however, response and recovery are the priority at this time.”
The Texas Department of Public Safety, Department of Homeland Security and FBI are all involved in the investigation.
Ransomware is maliciously written programs that, when opened through email, can encrypt files on a system and allow hackers to extort money in exchange for unlocking the files.
The hackers apparently broke into the city’s system when an employee clicked on an email link that allowed them to upload malware. The city also suffered a disabled email system; employees and vendors had to be paid by check rather than direct deposit, and 911 dispatchers were unable to enter calls into the computer. The city denied there was any delay in emergency services’ response times.
Texas officials did not reveal the amounts of ransom demanded in Friday’s attack.
According to FBI statistics, 1,493 ransomware attacks were reported nationwide last year, with victims paying $3.6 million to hackers.
A recent poll from the Pew Research Center indicated Americans are more concerned about cyberattacks originating from other countries than the Islamic State terrorist group or the North Korean government.
The poll, released in late July, reported that 74% of the public rates foreign cyberattacks as a hazard, compared to 53% for ISIS and 53% for North Korea.
In mid-July, California officials issued findings of an audit that concluded that 21 of 33 state agencies were at risk for hacks due to lax information technology protocols.
The audit cited a case in which an agency under the military refused a recommendation to change its default password for nearly 16 months. Another agency had not fixed security flaws identified in 2013.