Report offers new insight into Dallas ransomware attack – NBC 5 Dallas-Fort Worth
Report offers new insight into Dallas ransomware attack NBC 5 Dallas-Fort Worth
Tag Archive for: Dallas
Dallas ransomware recovery “more than 90% complete,” city says
Dallas’ head of information technology says the city has almost fully restored its system after a ransomware attack four weeks ago.
Chief Information Officer Bill Zielinski told The Dallas Morning News that the city estimates being “more than 90% complete” in restoring IT systems and services since the cyberattack.
“Following the initial attack on May 3, the city has worked with its cyber response vendors and IT service providers to review, clean, rebuild and restore city computers and servers to normal operations,” he said.
Zielinski didn’t give a timeline on when the system would be fully restored. The city in mid-May said the recovery process could take several more weeks or months to complete.
The scope of the attack, the amount of work the city has done, and what’s left is still unclear as of Thursday. City officials have cited the criminal investigation as the main reason to not fully explain the incident, and Dallas’ communications director emailed the mayor and City Council members Wednesday urging them to stick to telling inquiring residents and media that an investigation is ongoing and that updates will be shared “as appropriate.”
Ransomware is often used to extort money from organizations by threatening to block access to files or release confidential information unless money is paid. The city hasn’t given any information about a potential ransom and has maintained that there is no evidence any personal information from employees or residents have been leaked.
Royal, the group suspected to be behind the cyberattack, on May 19 threatened to publicly release data stored by the municipal government. It doesn’t appear that has happened as of Thursday.
The city said several servers were compromised with ransomware early May 3 and that it intentionally took others offline to prevent the bad software from spreading. It led to several departments being hampered and some city services being unavailable, such as residents being unable to pay their water bills online or not being able to report non-emergency complaints via the city’s 311 app.
Catherine Cuellar, the city’s…
Dallas is still under a ransomware attack. Here’s what’s impacted
Early last month, the city of Dallas was hit with a ransomware attack by the hacker group Royal, which impacted a number of its websites.
The city’s online services were down for several days following the May 3 cyberattack.
Dallas Chief Information Officer William Zielinski told a city council committee at the time that the attack affected systems throughout the city’s network.
Here’s what we know was impacted by the ransomware attack:
- Dallas Police Department, Dallas Fire-Rescue, 911 and 311: The outages impacted DPD’s computer-assisted dispatch system, known as CAD. Dispatch call takers had to manually write down instructions for officers in the field and officers were only able to respond through their phones and radios. According to city spokesperson Catherine Cuellar, those systems were brought back online May 6 and emergency dispatch has stayed in operation since.
- Dallas Water Utilities: The attack knocked out the online payment system for Dallas Water Utilities, as well as meter-reading software. Those have since come back online.
- Dallas Municipal Court: The court was closed for the majority of the month after the cyberattack. There were no hearings, trials or jury duty during that time, and the city could not accept nearly any form of citation payments. Dallas residents were still able to mail important documents to the court, but wasn’t able to process them until the court reopened on Tuesday. All hearings that were scheduled since May 3 will be rescheduled and new court dates mailed out now that services are restored.
- Dallas Public Library: The library’s reservation system has not been brought back online yet. Staff are still manually tracking the availability of borrowed items. Residents can still check those items out, but are being advised not to return them until the system is fully functional again.
The city says it’s been working with federal and state law enforcement to investigate the ransomware attack.
Meanwhile, city spokesperson Catherine Cuellar says workarounds remain in place as officials continue to restore public safety and public-facing services.
“Serving our residents remains a top priority, and while we…
5 Hacks by Dallas Ransomware Attackers
Federal intelligence agencies say that Royal, a Russia-based hacking group, has pulled off more than a dozen ransomware attacks since February. During these attacks, the hackers will infiltrate computer systems of schools, hospitals or municipalities, and lock up all the data until a ransom is paid.
Royal is behind the recent ransomware attack against the city of Dallas. The hack has disrupted services across the board. But the group was busy before this most recent attack, both in and out of Dallas, targeting governments and organizations.
Simon Taylor, founder and CEO of the data backup company HYCU, told the Observer that it’s not a matter of if a ransomware attack will happen, but when, and that local governments should be prepared. “We’re seeing this more and more often. These cities and municipalities are being targeted by ransomware terrorists,” Taylor said. “The severity of an attack like this can be really really extreme.”
Silverstone Circuit
One of the higher-profile attacks was launched last November. When Royal pulls off a hack, the group posts about it on its blog. On Nov. 8, 2022, the group announced that it hacked Silverstone Circuit, one of the most popular racing circuits in the United Kingdom, according to techcrunch.com.
“The end of the the Second World War had left Britain with no major racetrack but plenty of airfields,” the group wrote in its post about the Silverstone Circuit hack. “On Oct. 2, 1948, the Royal Automobile Club hosted the first British Grand Prix at Silverstone, a former RAF base. An estimated 100,000 people flocked to see Luigi Villoresi beat 22 others in his Maserati [on a track] marked by bales, ropes and canvas barriers. Silverstone racing history has begun.”
The group also posted the number of employees in the circuit, 89, and its revenue, $57 million. Another attack, this time in Dallas, would come the same month.
Dallas Central Appraisal District
A Nov. 8, 2022, attack took down the systems, servers, email and website of the Dallas Central Appraisal District (DCAD). The agency is responsible for appraising Dallas County properties for tax purposes. It said at the time that staff was working around the clock to restore…