City of Dallas Ransomware

City of Dallas Ransomware AttackA ransomware attack on the city of Dallas, Texas, has negatively impacted city utilities and slowed emergency service response time. The city suffered a ransomware attack attributed to the hacker group Royal, Monday, May 1st. Network printers on the city’s network began printing ransom notes Monday morning with instructions on how to contact the hacker group.

The attack forced the city government to shut down IT systems to contain and mitigate the ransomware. Police and fire employees received an urgent message to unplug the computers in their emergency vehicles. Part of the systems taken offline were 911 dispatcher computers, which have forced emergency call centers to revert to pencil and paper for recording call details and communication with emergency services through radio. The Dallas Fire Fighters Association president said the first responders have received little guidance from city leadership. In the ninth-largest city in the United States, 911 calls are being missed because radio traffic is so busy. Emergency responders are not getting the follow-up information they are used to receiving from dispatch via computers.

Additionally, courts were closed Monday, utility bills could not be processed, and a handful of other non-emergency services were offline for a week. The city said they would add devices and services back to the network individually when it was safe to do so.

US cybersecurity agency CISA sounded the alarm on Royal as a ransomware group gaining power in early March. The CISA said they specifically target critical infrastructure sectors, including communications, education, and healthcare. First observed in 2022, the ransomware gang typically gains access through phishing links and exfiltrates large amounts of data before notifying the victim.

Ransomware groups are shifting their tactics to data extorsion. Hackers had to find a new way to make money when governments and law enforcement started breaking encryptions. Recent threats, including the printout from Royal, include threats to release or sell personal customer data.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright