The good news is that nearly a month after a ransomware attack hobbled city services, 90 percent of the city’s network has been restored. The bad news? It might take a while to catch up. Some departments were forced to move to old-fashioned pencil-and-paper processes for weeks while the city’s information and technology services department assessed the damage and brought servers back online after the May 3 attack.
At the city council’s Public Safety Committee meeting Monday, Dallas Chief Information Officer Bill Zielinski told committee members that “multiple departments reverted to manual processes” as his department worked to bring systems back online. Because of that, some are still working on digitizing that information now that they have access to city systems again.
Last week, the city’s municipal court case processing system was brought back online, and courts reopened. On this week’s to-do list, Zielinski said, was restoring functionality to the city’s library system.
“We are actively working with the city’s vendor to complete work on an upgraded system for the library and anticipate completing that work over the course of this week,” he said. Until the system is restored, the online reservation system remains offline, and library staff is manually tracking the availability of items. Libraries are also not taking book returns, but you can borrow books. The Dallas Public Library does not charge fines for late returns.
Dallas Animal Services was also impacted by the attack. In an update, the city said that “workarounds remain in place” for public-facing services like DAS. Some people who tried to bring in lost or stray animals to Dallas Animal Services reported being turned away early last week, but DAS spokeswoman Amanda Atwell said that as of last Thursday, people should be able to bring in lost pets. However, she still encourages making an appointment through the agency’s website before doing so.
“We highly recommend appointments for owner surrenders,” Atwell said Thursday. “We are otherwise back to our normal intake policies. We appreciate the public’s patience as we work through this ongoing issue.”
Atwell said that appointments can be made at the DAS website, BeDallas90.org, or by calling 311. Emergency intake for animals that are in eminent danger, injured, or are a danger to the public do not require an appointment.
Sarah McGoldrick, vice president of animal operations at Operation Kindness, said that if you find a stray or lost pet, you can help lighten the load for DAS during this time by taking that stray to a local vet to check for a microchip first.
“They still need help from the community as they are at capacity for pets, particularly dogs,” McGoldrick said. “If a community member finds a loose pet, we recommend taking that pet to a local vet clinic to be scanned for a microchip. If a microchip is found, the microchip company or the clinic will be able to alert the owner that their pet has been found.”
She also suggested the finder create a lost pet report through sites like 24Pet Connect, PetCo Love Lost, and Pawboost. Taking the pet to DAS for a three-day hold will also allow the pet to get up-to-date on its vaccinations while looking for its owner. DAS and rescue organizations like Dallas Pets Alive also have foster programs if a finder would like to shelter the animal long-term at their home.
On Monday, Zielinski remained tight-lipped in the open session (there was an executive session to brief the committee as well) about the status of the investigation itself. He said the city is working with cybersecurity experts to secure its systems.
“We have implemented additional security software, conducted a system-wide reset of all user accounts, expedited the implementation of additional security controls that were already planned, and completely rebuilt impacted systems in a new secured environment,” he said.
And while previously, the city said it did not believe data had been extracted from its servers during the attack, there was a slight change in tone at Monday’s meeting.
On May 19, Royal, the group claiming responsibility for the attack, said it would soon leak data it says it obtained.
“We will share here in our blog tons of personal information of employees (phones, addresses, credit cards, SSNs, passports), detailed court cases, prisoners, medical information, clients’ information and thousands and thousands of governmental documents,” the group said. The same day, the city said it was aware of the claim, but insisted “there is no evidence or indication that the data has been compromised.” It did not say how it was certain.
Zielinski referenced that statement from Royal in Monday’s meeting, but this time, he did not insist that no data had been leaked. He instead said that the city’s team was working with law enforcement to determine whether Royal had obtained personal data.
“We fully understand the concern that this causes both to our city’s residents and as well to our employees, and we continue to investigate and are working with third-party experts in law enforcement to review and analyze the situation as expeditiously as possible,” he said. “If the investigation determines that an individual’s personal information has been involved in the theft of data, we will notify those individuals and provide resources to help protect their information in accordance with applicable law.”
The city of Dallas will not say if it’s negotiating with the hackers or if it might pay the ransom. One survey this year found that 80 percent of organizations attacked by ransomware gangs paid a ransomware demand.
Bethany Erickson is the senior digital editor for D Magazine. She’s written about real estate, education policy, the stock market, and crime throughout her career, and sometimes all at the same time. She hates lima beans and 5 a.m. and takes SAT practice tests for fun.