The City of Dallas is facing a major cyberattack that has disrupted its IT services and affected its emergency response systems. The attack, which occurred on Wednesday morning, was carried out by a group called Royal ransomware, which is known for using custom-made encryption and demanding high ransoms from its victims. Learn all the details with the following lines.
Read: Microsoft confirms PaperCut servers attacks linked to Cl0p and LockBit ransomware
All the details of the attack on the City of Dallas
According to the city’s statement, the Information and Technology Services department and its vendors are working around the clock to contain the outage and restore service, prioritizing public safety and public-facing departments. The city’s websites remain down as of Thursday, and a temporary website directs users to its Twitter account for updates.
“Wednesday morning, the City’s security monitoring tools notified our Security Operations Center (SOC) that a likely ransomware attack had been launched within our environment. Subsequently, the City has confirmed that a number of servers have been compromised with ransomware, impacting several functional areas, including the Dallas Police Department Website,” media statement from the City of Dallas.
The Dallas Police and Fire Rescue departments have been forced to use a backup radio system to dispatch officers to 911 calls, but they claim that response times have not been affected. The city has not disclosed the amount of the ransom demand or whether it intends to pay it. Royal typically asks for between $1 million and $11 million in Bitcoin, according to a joint advisory by the FBI and CISA.
Royal is a relatively new ransomware group that emerged in 2022 and consists of former members of other Russian-linked cyber gangs. It targets critical infrastructure with its own Royal ransomware variant, which evolved from earlier versions that used “Zeon” as a loader. The group also threatens to publicly release the encrypted data if the victim does not pay the ransom.
This is not the first time that Dallas has been hit by a ransomware attack. In late 2022, the Dallas County Central Appraisal District was targeted by a ransomware attack that lasted for 72 days and was believed to have originated from a phishing scam.
Keep in touch with our blog to read the latest news and innovations in the cybersecurity world.
Photo by Erin Hervey on Unsplash.
Facebook: Eagle Tech Corp
Instagram: @eagletech_corp
Twitter: @eagletechcorp
LinkedIn: Eagle Tech
YouTube: Eagle Tech Corp