Ransomware attacks pose communications dilemmas for local governments | #ransomware | #cybercrime

In the early morning of May 3, the City of Dallas, Texas, was hit by a ransomware attack, for which the Royal ransomware gang later took credit. The city’s police, fire rescue, water service payment, and development systems, among others, were significantly hampered by the incident, forcing many departments to revert to handwritten and radio-related communications.

In a report dated May 31, released on June 9, the city said that more than 90% of the work to restore the systems was completed. However, departments that reverted to manual work were still working on updating the records in their systems.

Throughout the attack and still-ongoing remediation, the city has released little information to the public, saying, “This is an ongoing criminal investigation. The city cannot comment on specific details which risk impeding the investigation or exposing vulnerabilities that can be exploited by an attacker.”

On June 1, Catherine Cuellar, communications, outreach and marketing director for Dallas, emailed directions to the mayor and city council to share no details about how the city handled the attack. She advised them to restrict their constituent responses to three statements “Thank you for your inquiry,'” “Rest assured we are working with third-party experts and law enforcement, and our investigation is ongoing,” and “We will share updates as appropriate.”

When contacted by CSO on June 14 for more information on the attack, Cuellar responded via email, saying, “The City of Dallas remains committed to transparency and keeping our community informed with relevant updates related to this ransomware incident. We take seriously our responsibility to share consistent, fact-based information with the public. At this time, this matter remains under investigation. We will continue to share updates as appropriate on as new information becomes available.”

Dallas’s reluctance to share details surrounding the incident highlights what cybersecurity experts say is a delicate balance that local governments face when communicating to taxpayers about the details of ransomware attacks. On one hand, impacted citizens should know basic pertinent facts about the services disrupted by ransomware events. On the other hand, divulging too much information could play into an attacker’s hands and possibly reveal sensitive information that could embolden the threat actors or expose the government to further liability.

Copyright © 2023 IDG Communications, Inc.

Source link

National Cyber Security