Texas agency blames 'single threat actor' for recent ransomware attacks

Texas agency blames 'single threat actor' for recent ransomware attacks
The Texas Department of Information Resources (DIR) pointed to a “single threat actor” on Tuesday as being responsible for a recent spate of ransomware attacks on small local governments and other state entities. 

The attacks took place late last week and took down systems of 22 Texas entities.

The State Operations Center was immediately activated, and the FBI, the Department of Homeland Security and the Federal Emergency Management Agency are involved in the investigation into the attacks. 


While DIR has not named those impacted, the city governments of Borger, Texas, and Keene, Texas, have confirmed that they were among the victims of the attack. The Borger city government is unable to collect utility payments and issue birth or death certificates, while the city of Keene can’t accept credit card payments for utilities. 

DIR noted Tuesday that all 22 impacted entities have been contacted by state and federal agencies involved in the response and that 25 percent of those impacted have “transitioned from response and assessment to remediation and recovery, with a number of entities back to operations as usual.”

No Texas statewide networks and systems were impacted by the ransomware attacks. Investigations into how the attack began are going forward. 

DIR recommended that both public and private organizations protect themselves against these types of cyber attacks through keeping software up to date, changing passwords to accounts regularly, modernizing older systems and backing up systems.