The attacks, the majority of which are believed to have struck "smaller, local governments," were reported Friday morning, according to the state's Department of Information Resources (DIR), which is leading the response to the incident.
"At this time, the evidence gathered indicates the attacks came from one single threat actor," DIR said, in a press release.
Texas Gov. Greg Abbott ordered a "Level 2 Escalated Response" on Friday — the second highest level of the state's four-step emergency response protocol, which implies that the scope of the incident has "expanded beyond that which can be handled by local responders."
We are leading the response to a ransomware attack on at least 20 Texas local government entities. For more information, including #ransomware facts and cybersecurity tips see our attached guides and visit our website at https://t.co/FmjRaiKKgI pic.twitter.com/1Dq88cv6XW — Tx Dept of IR (@TexasDIR) August 17, 2019
Federal authorities such as the FBI, FEMA and the Department of Homeland Security are assisting with investigation into the attacks, though DIR noted that the primary focus at this point is response and recovery operations.
The incidents come at a time of heightened public anxiety surrounding cyberattacks — particularly ransomware, which has increasingly been used to target governments, school districts and companies across the country.
Aside from DIR, a number of agencies are assisting in the response and recovery operations, including the Texas Military Department, the Texas Division of Emergency Management and the Texas Department of Public Safety, among others.
The agency also released a list of security recommendations to guard against similar attacks, including avoiding suspicious or unexpected links or attachments in emails, using strong passwords, and investing in cybersecurity awareness training.