LACyber is a Division of Lincoln Archives Inc.

Ransomware Keeps 22 Texas Government Agencies at a Standstill

(Uploaded: 2019-08-22 13:44:38 -- Author: Sally Rozumalski)

More and more cities across the US are falling victim to cyberattacks. With no signs of letting up.

The average costs of data breaches will reach into the hundreds of millions of dollars by 2020, in a recent study by Juniper Research. With 50% of companies reporting that they don’t feel adequately prepared for the threat.

In Texas, this statistic has become reality, as 22 small towns have been hacked, and held for ransom. This widespread, coordinated cyberattack has sent state emergency-management officials scrambling for answers while also initiating a federal investigation.

The Texas Department of Information Resources is currently racing to bring systems back online after the ransomware attack, remotely blocking access to important data until a ransom is paid.

While the original number of towns affected has been reduced from 23 to 22, the ransomware virus appeared to affect certain agencies in the 22 towns, not entire government computer systems. Officials said that there were common threads among the 22 entities and that the attacks appeared not to be random, but they declined to elaborate, citing a federal investigation.

While it’s still currently unclear what or whom is responsible for these coordinated attacks, it is clear the threat comes from one entity.

Due to the potential for ongoing attacks, officials are releasing little to no specifics regarding the origin of the attacks. Including if said towns had paid their respective ransom requests.

The attack began on Friday morning. Later that day, Gov. Greg Abbott ordered the second-highest level of alert in the state’s emergency-response system, classifying the attack as a Level 2 Escalated Response, meaning that the scope of the incident had reached beyond what local responders can manage.

Cybersecurity experts have been assigned to those areas affected, in order to assess damages affected at the local level and bring their systems back online as soon as possible.

Experts are calling the coordinated Texas attacks the “largest coordinated attack” on cities in terms of the number of targets, and that “it may be the first time that we’ve seen a coordinated attack.”

 While this is the first attack of this caliber, it is not expected to be the last.

Experts agree that where one cybercriminal lead, others follow. So, expect this coordinated attack scheme to spread to cities nationwide.

While past years have seen businesses, hospitals, and legal entities the targets of ransomware attacks, local governments have begun to creep into the list as well.


Ransomware attacks, while avoidable, often begin in house!


Often times, employees will click on enticing links or email chains, unknowingly downloading attachments containing malicious code.

Back in May, Baltimore was hit with a ransomware attack of a similar matter.

This attack affected everything from preventing the Health Department from issuing critical alerts, to issuing police reports and employment applications.


The United States Conference of Mayors, which represents cities with populations of 30,000 or more, has said ransomware attacks on local governments are on the rise.

At least 170 city, county or state government systems have experienced an attack since 2013,  with 13% of those attacks occurring in the first half of 2019 alone!


Ransomware attacks, have sparked debate nationwide more specifically; how to avoid them…

Essentially it depends on the system specifically, but overall there are 3 options every entity is tasked with:

  1. Pay the ransom, which he said was ultimately a business decision, but also a moral one because it perpetuates the problem and the criminals behind it.
  2. Restore data from backup files that have been stored offline. But if officials take too long to deliberate and miss the ransom deadline, or there are no backup files,
  3. Rebuild. Starting from scratch. Obviously, a tough place to be.


State and local government entities only pay ransoms 17% of the time. But the catch? Criminals get major media attention when they target cities… so despite the low payout, it’s often worth it on their end!


Several state and federal agencies are responding to the attack on the 22 Texas towns, including the

  • F.B.I.
  • the Federal Emergency Management Agency and the
  • Texas Military Department.

The state’s computer systems and networks were not affected.


As a precaution, officials in some small Texas cities and counties have been shutting down parts of their online systems even though they were not one of the affected towns.

In a statement, Denison officials said Monday that they were temporarily disconnecting their information systems from the internet. The city’s website, phone service and 911 system remained operational, but officials were not accepting credit-card payments for bills during the outage and city staff had little or no access to emails.

The important takeaways?

No one is safe from the reach of cyber criminals. With ransomware heating up once again, it’s vital to stay vigilant and informed.

Ensure your employees have a firm grasp on malicious email trends and have the proper resources to report any potential threats to those in charge. Remember, ransomware is debilitating to any organization, but it is also preventable with the right training and precaution.

Back to Blog Post Listings

We'd love to hear from you!