More than 20 local governments in Texas were targeted in a coordinated ransomware attack, according to authorities. The Texas Department of Information Resources said that it believes a single source was behind all of the attacks, the number of which the agency lowered from 23 to 22 Tuesday.
The department didn't name the affected cities or provide details about the attacker's demands, but it said several of the cities had resumed normal operations by Tuesday.
Texas and federal agencies, including the Department of Homeland Security and the FBI, are working with the affected cities to try and restore their access.
The attack in Texas is similar to other ransomware attacks that have crippled digital operations in cities around the country in recent years, Elliott Sprehe, a department spokesman, said Tuesday. "Once it's activated, your computer system is effectively locked from use until you pay that ransom as requested," he said.
Trying to prevent similar attacks is "a continual cat-and-mouse game" for governments of all sizes, Sprehe said. Ransomware often spreads through emails containing malicious links or attachments or by visiting a compromised website.
Only the latest attack
Many other U.S. cities have been targeted by ransomware attacks. In June, Lake City, Florida, officialsto restore email and other servers. The incident made it impossible for community members to pay city bills online. A second Florida city, Riviera Beach, said it would to retrieve its records.
Other cities that have been hit include Baltimore, where officials refused a demand for about $76,000 in bitcoin to restore access to its computer network. Federal prosecutors last year indicted two Iranian men for ransomware attacks on more than 200 victims, including the cities of Atlanta and Newark, New Jersey, that netted them more than $6 million and cost the affected governments and companies more than $30 million.
Sprehe said he didn't know whether any of the affected Texas municipalities have agreed to the ransom demand.