Skip to main content
close search
site logo
Dive Brief

Texas officials 'unaware' of any ransom payments after widespread attack

Published Aug. 21, 2019 Updated Sept. 9, 2019
Samantha Schwartz's headshot
Samantha Schwartz Reporter

First published on

CIO Dive

UPDATE: September 9, 2019: Local Texas government agencies fully restored business-critical services approximately one week following a widespread ransomware attack, which hit in August, according to the Texas Department of Information Resources (DIR).

More than half of the 23 organizations impacted are "back to operations as usual," according to DIR. Agency officials were "unaware" of any ransom payments.

Dive Brief:

  • In Texas, at least 23 government entities were hit by a "coordinated ransomware" attack coming from a single threat actor, according to updates from The Department of Information Resources (DIR). 
  • The ransomware attack, which began Friday, targeted mostly "smaller local governments," according to the announcement. Governor Greg Abbott issued a "Level 2 Escalated Response," just under the requirements to qualify for a Level 1 or emergency response, according to an emailed statement from Nan Tolson, Abbott's deputy press secretary. 
  • The Level 2 response seeks support from outside the state, including the Department of Homeland Security and the Federal Bureau of Investigation. DIR, Texas Division of Emergency Management, Texas Military Department and Texas A&M University Systems Security Operations Center/Critical Incident Response Team are involved in the investigation.

Dive Insight:

Smaller governments are more likely to have legacy systems and modest security, making for easy targets.

Texas' current predicament is the result of "finding a common type of highly vulnerable organization that have the willingness – and ability – to pay a ransom," Matthew Gardiner, director of cybersecurity marketing at Mimecast, told CIO Dive in an email.

Paying a ransom comes down to basic math — weighing the cost of recovery versus the cost of the ransom — and most municipalities conclude the price of the ransom is cheaper. 

But paying a ransom is a gamble because it doesn't guarantee the return or unlocking of data. It also, critics argue, sets an unhealthy precedent.

Last month more than 225 U.S. mayors agreed to not pay a ransom during a cyberattack, saying doing so "encourages continued attacks," according to the 2019 list of resolutions from the U.S. Conference of Mayors. 

By the time the mayors met, two Florida cities had already paid their attackers' ransoms and bad actors took note.

Because local governments have public-facing contact information, like emails, personalized phishing schemes are an easy tool for bad actors to deploy. "It isn't necessarily a case of 'coordination,' but rather a case of 'targeted marketing' by the cybercriminals," said Gardiner.

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
François Wasselin Named Head of Infrastructure, Will Lead American Global’s New Center of Exce…
From American Global
October 24, 2024

Want to share a company announcement with your peers?

Get started

Editors' picks
Latest in Climate & Resilience
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell