Tag Archive for: Recovery

Dallas Officials Say Ransomware Recovery Could Take Months


(TNS) — It could be months before Dallas systems are fully restored after a cyber attack last week, city officials said Thursday.

Dallas information technology staff are still working with consultants and outside groups to help review and clean servers possibly impacted by ransomware, with a focus on restoring systems from public safety departments first, then other public-facing agencies, and then everything else. But it’s the restoration of some internal systems, described as having background functions, that will likely take the longest to complete.

“We are going to be working at this for weeks and months to do all the clean up,” Brian Gardner, the city’s chief information security officer, told The Dallas Morning News Thursday.


Gardner and Jack Ireland, the city’s chief financial officer, said no evidence has been found at this point that personal information of employees and residents stored by the city was leaked, nor has any evidence been found that stored internal data, such as police evidence or municipal court files, has been lost. They both said investigations and monitoring are still ongoing.

“We took some things down as precaution, probably more than we needed to, in order to isolate and make sure that it was clean before it was brought back into service,” Ireland said. “So it is taking some time to work through those different systems.”

Thursday marked day nine of the city dealing with the fallout of a ransomware attack from last Wednesday. Ransomware is a type of software often used to extort money from organizations by threatening to block access to files or release confidential information unless money is paid.

Ireland declined to say whether the city has issued any ransom, citing an ongoing criminal investigation by the Dallas police and FBI.

“There are things we’re just not able to share because it is an open investigation and a criminal act against the city,” said Ireland, who oversees the city’s information and technology services department.

City Manager T.C. Broadnax said Ireland “didn’t share specifics about any requests,” and that he wasn’t…


Ransomware recovery underway at National Gallery of Canada



Ransomware recovery efforts are ongoing at the National Gallery of Canada, which is one of North America’s largest museums, following an attack on April 23, which has prompted an IT system shutdown, …


Gateway Casinos in Ontario face long road to recovery after ransomware attack, expert says



Several casinos in Ontario remain closed nearly two weeks after a cyberattack, with no official reopening date.


The ransomware attack that knocked out the servers at Gateway Casinos facilities was first detected on April 16.


Technology analyst Carmi Levy said the situation is the digital equivalent of recovering from a major fire or similar disaster.


“It’s as bad as it gets. And unfortunately, the damage is going to take years to undo, even if they are able to undo it,” the London, Ont.-based digital expert said. “You don’t just flip a switch and come back on.”


On Thursday, Gateway posted online it hopes to reopen using a phased approach “later this week; however, the reopening timeline depends on the pace of restoration and approval by regulatory bodies.”


The cybersecurity incident impacted operations at 14 casinos, including Casino Rama in Orillia, Georgian Downs in Innisfil, and Playtime Casinos Wasaga Beach.


According to Levy, the recovery procedure is a “multi-faceted, multi-staged process” involving highly trained people.


“We call these ‘business killer events’ for a reason. Many companies that are targeted successfully by ransomware never fully recover. The direct costs will be into the millions if not the tens of millions or beyond,” the tech analyst said.


While the company has said there is no evidence to believe customers’ data was breached, Levy believes it’s possible.


“There is a very strong likelihood that it has been – that it is either being bought and sold on the dark web or will be at some point in time because all of these ransomware events tend to play out in the same way. There’s no coming back from that,” he noted.


While Casino Rama’s gaming floor remains closed to gamblers, the Orillia facility welcomed back concertgoers Thursday night in an attempt at getting some operations back to normal.


“The concert was very well attended, and people seemed very excited to be there,” said Rob Mitchell, director of communications at Gateway Casinos and Entertainment Limited.


A Scotty McCreery concert is scheduled to go ahead on Saturday.


Still, the digital analyst believes Gateway will have a long road…


CISA, FBI recovery tool no match for updated ESXiArgs ransomware encryption



Malwarebytes researchers noted that vulnerable VMware ESXi virtual machines impacted with the updated ESXiArgs ransomware could not be decrypted with the data recovery script issued by the …
