Twenty-two cities across Texas are being held hostage for millions of dollars after a sophisticated hacker, perhaps a group of them, infiltrated their computer systems and encrypted their data. The attack instigated a disaster-style response that includes the National Guard and a widening FBI inquiry, reports the New York Times. More than 40 municipalities have been the victims of cyberattacks this year, from major cities such as Baltimore, Albany and Laredo, Tx., to smaller towns including Lake City, Fl. Lake City is one of few cities to have paid a ransom demand — $460,000 in Bitcoin, a cryptocurrency — because it thought reconstructing its systems would be costlier.
In most ransomware cases, the identities of culprits are cloaked by clever digital diversions. Intelligence officials say many hackers have come from Eastern Europe, Iran and, in some cases, the U.S. Many have targeted small towns, figuring that sleepy, cash-strapped local governments are the least likely to have updated their cyberdefenses or backed up their data. The attacks have serious consequences, with recovery costing millions of dollars. “The business model for the ransomware operators for the past several years has proved to be successful,” said Chris Krebs of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. “Years of fine-tuning these attacks have emboldened the actors, and you have seen people pay out — and they are going to continue to pay out,” he said, despite FBI warnings that meeting ransom demands only encourages more attacks. On Wednesday, the Department of Homeland Security issued a warning about a “Ransomware Outbreak,” cautioning cities and towns to “back up your data, system images and configurations” and keep them offline. In the 22 Texas attacks, the pathway appeared to be a once-trusted communications channel often used by law enforcement agencies, and managed by a private systems-management firm.