Tag Archive for: Dallas

Dallas ransomware: Employees benefit information likely accessed

/in


DALLAS — Hackers likely accessed city of Dallas employees’ benefits information as a result of the ransomware attack that occurred in early May, WFAA has learned. 

WFAA obtained a copy of an email sent to city employees from Dallas City Manager T.C. Broadnax, which stated “some benefits-related information maintained by the City’s Human Resources department was accessed by the unauthorized third party responsible for this ransomware incident.”

Broadnax did not say in the email how many employees were affected. He also said the City is offering free credit monitoring for employees. 

In late June, Dallas City Council approved a near $4 million deal to ramp up cybersecurity systems already in place. The funding specifically provides the city with a “threat and anomaly detection” system for the Information and Technology Services Department over the span of three years.

“We understand the concern this incident may cause, and please know we are working to provide the necessary resources and support for our employees,” Broadnax said in the email.

Source…

After ransomware attack, Dallas City Council approves ‘threat and anomaly detection system’

/in


Almost two months after a ransomware attack disrupted City of Dallas online services, council members voted to approve a multi-million-dollar contract for upgraded cybersecurity software.

Council members approved the $3.9 million measure without comment. The agreement between the city and Texas based IT consulting group Netsync, was tucked away in the council’s lengthy consent agenda.

The contract authorizes the city manager to pay Netsync immediately after council approval. Council members also discussed the ongoing ransomware attack that started in early May, among other issues, in executive session during Wednesday’s meeting.

There was no public discussion of the agreement during Wednesday’s meeting, but according to the approved item, the funds are for support of a threat and anomaly detection system for” the city’s IT department.

On May 3, the city was hit by the hacker group Royal, which impacted a number of city systems. Those included the Dallas Police Department, Dallas Fire Rescue, 911 and 311 — the city’s nonemergency service.

Other city services brought down as a result of the attack were the Dallas Water Utilities department, the municipal court building and the public library system. For the duration of the attack — which the city is still recovering from — officials maintained that there was “no indication that customer information…has been leaked from City systems.”

The assurances came after the hacker group posted a message on their blog threatening the release of “tons of personal information of employees (phones, addresses, credit cards, SSNs, passports)…” the post said.

The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency released a warning about the Royal hacker group in early March.

Got a tip? Email Nathan Collins at [email protected]. You can follow Nathan on Twitter @nathannotforyou.

KERA News is made possible through the generosity of our members. If you find this reporting valuable, consider making a tax-deductible gift today. Thank you.

Source…

Dallas Public Library system back up weeks after ransomware attack

/in


PREVIOUS COVERAGE: Dallas ransomware attack

The City of Dallas says that more than 90% of the network has been restored, but the details of the remaining 10% is limited.

DALLASThe Dallas Public Library’s online catalog system is back up and working after a ransomware attack 7 weeks ago.

Since the attack that took down many city systems in early May, librarians had to check out books, DVDs and other material by hand. Returned materials were also not able to be checked in and put back into circulation, leaving many shelves empty.

Now library users and staff can search online for materials and apply for library cards again.

The library asks if you have material to check in, you can now return them to the library.

Customer accounts may not be accurate as staff work through the backlog of checkouts and check-ins, and you can expect it to take longer than usual to receive any hold requests.

“We are asking our customers to be patient with us and be assured that we will work through any issues on their accounts,” Director of Libraries Jo Giudice said. “We never charge fines for overdue materials, and any charges for failure to return items will be resolved.”

Related

Dallas Animal Services crippled by city ransomware attack

Due to technical issues caused by the attack, Dallas Animal Services is urging the public to not surrender any animals right now unless it is an emergency. The assistant director says they need time to get a new paper system up and running.

The library says it is in search of volunteers to help work through the large backlog.

Several city services were affected by the ransomware attack, carried out by the group known as Royal, including police and fire dispatch, courts, online payment systems and Dallas Animal Services among others.

Public computers at the library will still be unavailable, but the Dallas Public Library’s GED Testing Center also resumed service. The library offers testing Tuesday through Saturday at the J. Erik Jonsson Central Library.

Source…

Ransomware Trends Say Dallas Was Vulnerable Target

/in


(TNS) — Dogged police work into ransomware hacks rarely ends with authorities slapping handcuffs on thieves. The attackers are likely sophisticated foreign nationals operating out of Eastern Europe, perhaps under state protection. The culprits may never be brought to justice.

That’s why cybercrime experts say municipalities should spend money up front to protect computer systems and educate employees about the risks — or pay millions after a crippling computer attack.

“When you get hit with ransomware, law enforcement cannot come in with a magic wand and fix the problem,” said Scott Augenbaum, a retired FBI agent and current cybersecurity expert. “This needs to be a wakeup call that we have to start focusing on the prevention side.”


Dallas has been in the grip of a computer crisis since hackers broke into its system last month. The city’s computer data has been held hostage, literally, to the demands of unknown cybercriminals. The attack hampered public-facing services like the 311 complaint system, municipal courts and online water bill payments.

The Dallas Morning News talked to cybercrime experts and pored through federal court records and FBI testimony before Congress to understand the chances of catching such hackers and how to prevent the attacks.

Experts say organized criminal groups increasingly target underfunded American city and county governments, which tend to lag behind private companies in computer security. The hackers’ goal is not to steal data but to disrupt key government services until a ransom is paid.

“Most of this stuff could have been prevented,” said Augenbaum, who wrote a book, The Secret to Cybersecurity. “We’ve got to get people to take it seriously.”

Augenbaum said ransomware is not a technology arms race between the good guys and criminals. Most cyber fraud, he said, is committed using low-tech social engineering methods: emails, social media messages, spoof phone calls and texts.

A city or company could spend millions on the best security systems, and all it takes is a careless employee clicking on a bad link to put everything at risk, he said. One stolen…

Source…