Ransomware attacks against local governments are still a clear problem, and Texas is discovering this first hand. The state has revealed that 23 government entities reported a ransomware attack on the morning of August 16th. Most of these were "smaller local governments," the Department of Information Resources said, and State of Texas networks and systems weren't hit.
Texas hasn't named the institutions so far due to "security concerns."
Security teams hadn't identified the culprits. However, the evidence to date pointed to a "single threat actor" attacking all these entities at once. Ransomware attacks usually come from criminal organizations hoping to make a quick profit, although there have been reported instances of hostile nations using ransoms to fill their coffers. Municipal governments are sometimes prime targets as they don't always have the resources to fight back and avoid paying.
The incident is considered a high priority. In addition to several state agencies offering support, the case also involves the Department of Homeland Security, the FBI, FEMA and other federal-level security partners.
It's unclear how officials intend to respond, let alone the exact severity of the damage. Nonetheless, the attack might spur some action. In many cases, ransomware attackers are exploiting old vulnerabilities (sometimes by using NSA tools) or workers who don't understand the dangers of phishing attacks. It's moments like this that underscore the importance of both modernizing government networks and educating staff to prevent ransomware from infecting systems in the first place.