Washington (CNN) At least 22 cities and local governments in Texas are working to recover from a seemingly coordinated ransomware attack on their computer networks.

"Evidence continues to point to a single threat actor," Elliott Sprehe of the Texas Department of Information Resources, which is coordinating the state's response to the attack, said in a statement Tuesday. The agency declined to share speculation on who might be responsible, citing an ongoing federal investigation. The FBI and Department of Homeland Security are assisting with the response.

Ransomware is most commonly a tactic for criminal hackers to make easy money. It works by encrypting a victim's computer, then demanding a payment -- often in bitcoin -- to unlock it. Ransomware authors are rarely caught, though the FBI has indicated it's tracking some suspects, waiting for them to move to a country that can extradite to the US.

"We haven't seen this kind of coordinated ransomware attack against municipalities before. We have seen attackers that will go after local governments, but sequentially," said Allan Liska, who tracks ransomware attacks for the cybersecurity firm Recorded Future. "But nothing this organized and certainly nothing this effective."

The Texas state government declined to name what strain of ransomware it is or to name the victims, save to say that "the majority of these entities were smaller local governments."

Read More