A ransomware attack has ensnared the city of Dallas, shutting down online and IT services at the municipal government, including local police.
On Wednesday, the city of Dallas confirmed a ransomware attack was behind the outage, which began on Monday, according(Opens in a new window) to local reports.
“Subsequently, the city has confirmed that a number of servers have been compromised with ransomware, impacting several functional areas, including the Dallas Police Department Website,” the city said in a statement(Opens in a new window).
City officials are now working with cybersecurity vendors “to isolate the ransomware to prevent its spread,” the statement added. This includes scrubbing infected servers. Hence, residents can expect online city services to remain offline until the IT systems have been fully wiped and restored. Currently, the sites for Dallas city hall(Opens in a new window), city courts(Opens in a new window) and city police(Opens in a new window) are down.
Visiting the Dallas city police website will produce this error.
Ransomware works by encrypting entire fleets of computers, rendering them inoperable. The hackers behind the attacks will then demand the victims pay up to free the computers, with the ransom sometimes reaching six figures or more.
According to BleepingComputer(Opens in a new window), the hackers printed out the ransomware demand on the city’s printers. A ransomware group called “Royal” is claiming responsibility.
The US’s own cyber authorities have already been warning(Opens in a new window) about Royal, and say the group has “made ransom demands ranging from approximately $1 million to $11 million USD in Bitcoin.” In the past, the gang has often infiltrated victim networks by using phishing emails or hijacking remote desktop protocol services.
Recommended by Our Editors
The other concern facing Dallas is whether the hackers stole sensitive information on municipal employees or residents. Last month, a separate ransomware gang that hit Oakland’s city government did just that, publishing a 10GB of database stolen from municipal services.
The attack is another worrying sign that the US is failing to make inroads against the ransomware scourge. Brett Callow, a security researcher at cybersecurity provider Emsisoft, noted(Opens in a new window) on Twitter: “At least 29 local governments have been impacted by ransomware already this year, and at least 16 of the 29 had data stolen.”
The Dallas city government didn’t immediately respond to a request for comment. But despite the outage, the city said, “at this time, the impact on the delivery of City services to its residents is limited.” So users can still contact non-emergency city services on the phone by dialing 311, or 911 for emergency help. The city has said it’ll post updates on restoring services on this page(Opens in a new window).
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.