On August 16, 2019, a ransomware attack impacted 23 organizations in north and northwest Texas. The ransomware attack was unique in that it targeted primarily small community organizations and was coordinated through a single managed service provider. Response to the attack was intense and involved several local, state, and federal organizations, with the Texas governor activating the state national guard cybersecurity unit. This paper provides a firsthand account from a member of the state national guard cybersecurity unit that responded directly to one of the affected communities. Several observations are reported, and recommendations made to help improve cybersecurity awareness and preparedness in small municipalities and small and medium organizations.

Achten, N., (2022). Texas Municipality ransomware attack (2019). Cyberlaw, July 22, 2021. Retrieved on February 18, 2023 from https://cyberlaw.ccdcoe.org/wiki/Texas_Municipality_ransomware_
attack_(2019)

Allyn, B., (2019). 22 Texas Towns Hit With Ransomware Attack In 'New Front' Of Cyberassault. National Public Radio, August 20, 2019. Retrieved on February 18, 2023 from https://www.npr.org/2019/08/20/752695554/23-texas-towns-hit-with-ransomware-attack-in-new-front-of-cyberassault.

Bleiberg, J. and Tucker, E. (2021). ‘Holy moly!’: Inside Texas’ fight against a ransomware hack. AP News, July 25, 2021. Retrieved on February 18, 2023 from https://apnews.com/article/technology-government-and-politics-business-texas-hacking-772675a2a7a095ef6e5caa72fa8ca847.

Cisternelli, E. (2023). 7 Cybersecurity Frameworks That Help Reduce Cyber Risk. Bitsight.com, March 31, 2023. Retrieved on April 23, 2023 from https://www.bitsight.com/blog/7-cybersecurity-frameworks-to-reduce-cyber-risk

Dudley, R. (2019). The extortion economy: How insurance companies are fueling a rise in ransomware attacks. Pro Publica.

Freed, B., (2019). More identified in Texas ransomware attack as feds urge coordinated response. Statescoop, August 22, 2019. Retrieved on February 18, 2023 from https://statescoop.com/texas-ransomware-attack-nine-named-feds-respond/.

McFarland, C., Rivett, B., Funk, K., Kim, R., and Wagner, S. (2020). State and Local Partnerships for Cybersecurity: A State-by-State Analysis. National League of Cities.

Ocampo, H. R. (2021). Municipal Governments and the Need for Cybersecurity (Doctoral dissertation).

Preis, B., and Susskind, L. (2022). Municipal Cybersecurity: More Work Needs to be Done. Urban Affairs Review, 58(2), 614–629. https://doi.org/10.1177/1078087420973760.

Raghavan, K., Desai, M., and Rajkumar, P. V. (2020). Multi-step Operations Strategic Framework for Ransomware Protection. SAM Advanced Management Journal, 85(4), 16-2.

Texas Department of Information Resources (DIR), (2021). US Justice Department Announces Indictment Against REvil Ransomware Suspect Behind 2019 Ransomware Attack on Texas Municipalities. Cybersecurity News DIR News, November 8, 2021. Retrieved on February 18, 2023 from https://dir.texas.gov/news/us-justice-department-announces-indictment-against-revil-ransomware-suspect-behind-2019#:~:text=AUSTIN%20%E2%80%93%20The%20United%
021)20States%20Justice,municipalities%20hit%20in%20August%
202019

Tuttle, H. and Jacobson, A. (2019). Enemy of the State: Ransomware Surges Against State and Local Governments in 2019. Risk Management, 66(11), 30-35.