The hackers behind a series of coordinated ransomware attacks on local government organisations in Texas have demanded $2.5m (£2m) to release the encrypted files.
The computer systems of 22 local government entities have been locked down by the attack, which has disrupted business and financial operations across the state.
Officials have been forced to stop taking payments for a range of services including utilities as they scrambled to get systems back online.
The state confirmed over the weekend that a number of federal agencies, including the FBI and Department for Homeland Security, had been drafted in to respond to the attack.
Speaking to National Public Radio on Tuesday, Gary Heinrich, the mayor of Keene, Texas, revealed that “just about everything we do at City Hall is impacted”. The hackers behind the coordinated attacks demanded a collective ransom of $2.5m, but Heinrich said his city would not be paying up.
A spokesperson for the Texas Department for Information Resources, which has been leading the response to the attack, told NPR said he not aware of any of the affected cities paying the ransom.
It is believed the virus, known as .JSE because of the file extension it uses, was disseminated via a managed service provider working on behalf of a number of cities. “They got into our software provider, the guys who run our IT systems,” said Heinrich. “A lot of folks in Texas use providers to do that, because we don’t have a staff big enough to have IT in house.”
The incident is just the latest in a series of cyber attacks targeting US local government. In recent months a number of cities have been hit by ransomware attacks, with several meeting the hackers’ demands. Earlier this summer, officials in Lake City in northern Florida paid out nearly $500,000 after hackers took down their email and phone network.
Liron Barak, the chief executive of security vendor BitDam, described local governments as lucrative targets for hackers: “In addition to the regular ‘hacker’s benefits’ of gaining access to customer data, an attacker who penetrates a city’s system may get access to sensitive resident information.”