Dallas is experiencing IT and police communication outages following a ransomware attack on municipal systems.
(Bloomberg) — Dallas is experiencing IT and police communication outages following a ransomware attack on municipal systems.
City officials said in a statement Wednesday that hackers had compromised “a number of servers” and that they were working with vendors to try to control the spread of malware. With a ransomware attack, hackers lock up victims’ data or knock services offline, then demand an extortion payment.
“We have been having a system shutdown for the past two days now,” a Dallas 311 operator told Bloomberg News. “We are very limited in what we are able to access internally right now.”
The Dallas police department’s website was inaccessible when Bloomberg News tried to visit the page Thursday. The hack also affected the police dispatch system and resulted in the closure of local courts on Wednesday, TechCrunch reported.
“We appreciate your patience during this time,” the city website stated.
The “Royal” ransomware gang claimed responsibility for the attack. The group sent city officials a note that included a link to communicate with the hackers and discuss a payment, however the size of the ransom demand was not immediately clear. The Royal ransomware group didn’t respond to a request for comment.
The same gang previously claimed responsibility for an attack on the Lake Dallas Independent School District, according to Brett Callow, a threat analyst at cybersecurity firm Emsisoft. Any attack affecting police systems is particularly concerning, he said.
“That raises the possibility police data was exfiltrated, which can have serious consequences,” Callow said. “In past cases, prosecutions have had to be dropped and, in one particularly egregious instance, the hackers threatened to release info about informants to the gangs on which they were informing.”
In March, the US Cybersecurity and Infrastructure Security Agency published an advisory about Royal ransomware. The agency said that the group has made extortion demands ranging from $1 million to $11 million, and that it has targeted “numerous critical infrastructure sectors including, but not limited to, manufacturing, communications, healthcare and public healthcare, and education.”
The latest incident came after analysts warned that state and local government agencies in general presented targets for hackers because of financial and staffing shortages. “Attacks that affect critical government functions could result in serious operational disruptions and disclosure of sensitive information,” the Fitch Ratings service noted.
More stories like this are available on bloomberg.com
©2023 Bloomberg L.P.