Report offers new insight into Dallas ransomware attack – NBC 5 Dallas-Fort Worth
Report offers new insight into Dallas ransomware attack NBC 5 Dallas-Fort Worth
Report offers new insight into Dallas ransomware attack NBC 5 Dallas-Fort Worth
Dallas’ head of information technology says the city has almost fully restored its system after a ransomware attack four weeks ago.
Chief Information Officer Bill Zielinski told The Dallas Morning News that the city estimates being “more than 90% complete” in restoring IT systems and services since the cyberattack.
“Following the initial attack on May 3, the city has worked with its cyber response vendors and IT service providers to review, clean, rebuild and restore city computers and servers to normal operations,” he said.
Zielinski didn’t give a timeline on when the system would be fully restored. The city in mid-May said the recovery process could take several more weeks or months to complete.
The scope of the attack, the amount of work the city has done, and what’s left is still unclear as of Thursday. City officials have cited the criminal investigation as the main reason to not fully explain the incident, and Dallas’ communications director emailed the mayor and City Council members Wednesday urging them to stick to telling inquiring residents and media that an investigation is ongoing and that updates will be shared “as appropriate.”
Ransomware is often used to extort money from organizations by threatening to block access to files or release confidential information unless money is paid. The city hasn’t given any information about a potential ransom and has maintained that there is no evidence any personal information from employees or residents have been leaked.
Royal, the group suspected to be behind the cyberattack, on May 19 threatened to publicly release data stored by the municipal government. It doesn’t appear that has happened as of Thursday.
The city said several servers were compromised with ransomware early May 3 and that it intentionally took others offline to prevent the bad software from spreading. It led to several departments being hampered and some city services being unavailable, such as residents being unable to pay their water bills online or not being able to report non-emergency complaints via the city’s 311 app.
Catherine Cuellar, the city’s…
Early last month, the city of Dallas was hit with a ransomware attack by the hacker group Royal, which impacted a number of its websites.
The city’s online services were down for several days following the May 3 cyberattack.
Dallas Chief Information Officer William Zielinski told a city council committee at the time that the attack affected systems throughout the city’s network.
Here’s what we know was impacted by the ransomware attack:
The city says it’s been working with federal and state law enforcement to investigate the ransomware attack.
Meanwhile, city spokesperson Catherine Cuellar says workarounds remain in place as officials continue to restore public safety and public-facing services.
“Serving our residents remains a top priority, and while we…
Federal intelligence agencies say that Royal, a Russia-based hacking group, has pulled off more than a dozen ransomware attacks since February. During these attacks, the hackers will infiltrate computer systems of schools, hospitals or municipalities, and lock up all the data until a ransom is paid.
Royal is behind the recent ransomware attack against the city of Dallas. The hack has disrupted services across the board. But the group was busy before this most recent attack, both in and out of Dallas, targeting governments and organizations.
Simon Taylor, founder and CEO of the data backup company HYCU, told the Observer that it’s not a matter of if a ransomware attack will happen, but when, and that local governments should be prepared. “We’re seeing this more and more often. These cities and municipalities are being targeted by ransomware terrorists,” Taylor said. “The severity of an attack like this can be really really extreme.”
Silverstone Circuit
One of the higher-profile attacks was launched last November. When Royal pulls off a hack, the group posts about it on its blog. On Nov. 8, 2022, the group announced that it hacked Silverstone Circuit, one of the most popular racing circuits in the United Kingdom, according to techcrunch.com.
“The end of the the Second World War had left Britain with no major racetrack but plenty of airfields,” the group wrote in its post about the Silverstone Circuit hack. “On Oct. 2, 1948, the Royal Automobile Club hosted the first British Grand Prix at Silverstone, a former RAF base. An estimated 100,000 people flocked to see Luigi Villoresi beat 22 others in his Maserati [on a track] marked by bales, ropes and canvas barriers. Silverstone racing history has begun.”
The group also posted the number of employees in the circuit, 89, and its revenue, $57 million. Another attack, this time in Dallas, would come the same month.
Dallas Central Appraisal District
A Nov. 8, 2022, attack took down the systems, servers, email and website of the Dallas Central Appraisal District (DCAD). The agency is responsible for appraising Dallas County properties for tax purposes. It said at the time that staff was working around the clock to restore…