At least 23 local government entities in Texas were hit by ransomware last week, in what officials are describing as a "coordinated attack."
The attacks, the majority of which are believed to have struck "smaller, local governments," were reported Friday morning, according to the state's Department of Information Resources (DIR), which is leading the response to the incident.
"At this time, the evidence gathered indicates the attacks came from one single threat actor," DIR said, in a press release.
Texas Gov. Greg Abbott ordered a "Level 2 Escalated Response" on Friday — the second highest level of the state's four-step emergency response protocol, which implies that the scope of the incident has "expanded beyond that which can be handled by local responders."
It is believed that all entities affected by the attack have now been identified and notified, though those communities are not being publicly identified at this time due to "security concerns," said Elliott Sprehe, press secretary for the IT agency. No state systems were affected by the attacks.
Federal authorities such as the FBI, FEMA and the Department of Homeland Security are assisting with investigation into the attacks, though DIR noted that the primary focus at this point is response and recovery operations.
The incidents come at a time of heightened public anxiety surrounding cyberattacks — particularly ransomware, which has increasingly been used to target governments, school districts and companies across the country.
Aside from DIR, a number of agencies are assisting in the response and recovery operations, including the Texas Military Department, the Texas Division of Emergency Management and the Texas Department of Public Safety, among others.
The agency also released a list of security recommendations to guard against similar attacks, including avoiding suspicious or unexpected links or attachments in emails, using strong passwords, and investing in cybersecurity awareness training.