The Lone Star State is now the No Ransom Payments state as all 22 Texas local governments targeted by ransomware in August refused to pay the money demanded.

The decision to oppose paying ransoms in the attacks came from the top. The Texas Department of Information Resources, which was tasked with coordinating the response, also led the push for ransoms to not be paid. Those behind the ransomware attack were demanding a payment of $2.5 million to unlock the data of the local governments targeted.

In an update last week, the department said that most services were restored within a week of the ransomware attacking occurring with half of the local governments now back to operating as usual.

“Through the dedication and vision of the Office of the Chief Information Security Officer at the Texas Department of Information Resources, a response plan was in place and ready to be put into action immediately,” the department said. “Within hours of receiving notice of the event, state and federal teams were executing the plan and in the field at the most critically impacted sites to begin eradicating the malware and assessing impact to systems. By day four, response teams had visited all impacted sites and state response work had been completed at more than 25% of those sites. One week after the attack began, all sites were cleared for remediation and recovery.”

The state-led effort to combat the ransomware attacks show how other states and entities can fight back against ransomware attacks with planning and a coordinated response.

The decision to stand firm was questioned by some, however. Ilia Kolochenko, founder and chief executive officer of web security company ImmuniWeb, told SiliconANGLE that at least short-term, the decision to not pay a ransom may be “questionable and cost-unconscious.”

“Someone has to pay for dozens of agencies and their personnel to ‘rebuild networks from scratch’ as reported,” Kolochenko explained. “Most likely the burden will again fall on the taxpayers’ shoulders and largely surpass the ransom demanded. It’s like SWAT saying we won’t negotiate with terrorists after shooting the hostages.”

Kolochenko said that such rigid tactics may well discourage the attackers, but they won’t resolve the root cause of the incident: lack of visibility across digital assets, poorly implemented fundamentals of security and security skills shortage. “These essentials need to be addressed without further delay,” he said.

Image: Boston Public Library/Flickr