(844) 627-8267 | Info@NationalCyberSecurity
(844) 627-8267 | Info@NationalCyberSecurity

Dallas Getting Back Online After Recent Ransomware Attack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

The city of Dallas is still working to get all of its systems back online after a ransomware attack last week. It’s making steady progress. As of Monday, dallascityhall.com and dallaspolice.net are functioning again after the attack knocked them down for several days.

Ransomware is a kind of malware that locks people out of their own data and computers until they agree to pay a ransom.

The municipal court system is still down from the hack, so citations due to the court will be accepted after it gets restored. People with a citation to pay or documents due to the court while the system is down will be given an extension without penalty.

No one’s personal information has been leaked as a result of the attack, according to the city. If this changes, the city said it would reach out to people whose personal information may have been compromised. If anyone reaches out claiming to be with the city of Dallas asking for a payment or personal information, the city said to take down their name and number and report it to them.

911 and 311 calls are still being taken by phone and radio dispatch while the city’s computer assisted dispatch systems are being tested to make sure they’re not still infected with malware. The city said in a statement Monday that the computer assisted dispatch systems should be up and running again some time early this week.

While all of this is subject to an ongoing criminal investigation, preventing the city from saying much about it or whether a ransom will be paid, it said in the statement that it is exploring all options to remediate the hack. As for how all of this happened, the city pointed out that most common ransomware attacks target vulnerable systems with weak or default credentials, or use phishing to trick users into giving up their information for fraudulent purposes.

The city didn’t say exactly how many devices have been affected by the hack. But there are some 1,900 mobile devices shared between the Dallas Police Department (DPD) and Dallas-Fire Rescue (DFR) that are used for the computer assisted dispatch systems, and all of those devices are down for testing. “As city staff and contractors review devices, ensure they are secure, and bring them online, computer assisted dispatch (CAD) functionality will increase for DPD, DFR and 311,” the city said in its statement.

“[Ransomware] can cripple a company, companies, industries, nations.” – Dan Cogdell, attorney

tweet this

The city experienced a separate network outage in April but said it had nothing to do with the ransomware attack. This outage was caused by hardware failures that led to interruptions in AT&T services to the city.

The group allegedly behind the attack is called Royal, and it was responsible for the hack of the Dallas Central Appraisal District website in November 2022. This took the site down and interrupted services for 72 days.

The ransomware group is detailed in an advisory published by the FBI and U.S. Cybersecurity and Infrastructure Security Agency (CISA) in March. It said Royal has pulled off successful attacks across the country, demanding ransom payments between $1 million to $11 million to be made in Bitcoin.

Dan Cogdell, a partner with the law firm JonesWalker who specializes in white-collar criminal defense and has worked on a number of hacking cases over the years, told the Observer. “It’s potentially devastating,” Cogdell said, describing ransomware. “It can cripple a company, companies, industries, nations.” He said bank robbers rob banks because that’s where the money is. Ransomware attacks are no different, he said. “This is the new thing,” he said. “This is the wave of the future.”

In 2019, another ransomware group called REvil (also referred to as Sodinokibi), swiped data from 22 Texas municipalities, demanding $2.5 million. The group never got this payment, but kept pulling off hacks around the world. In 2021, two foreign nationals were charged for their involvement in deploying the attacks.

That attack didn’t affect Dallas. But another in 2021 did indirectly. That year, Ultimate Kronos Group, the human resources company that provides time-keeping services, told the city of Dallas that it had been the subject of a ransomware attack. The company provides time-keeping services for Dallas, so some 2,411 of the city’s hourly employees were affected. Despite the hack, the city made sure all of those employees got their paychecks.


Click Here For The Original Source.

National Cyber Security