Dallas City Systems Taken Down by Royal Ransomware
Dallas city government systems are still not fully functioning following a cyberattack by the Royal ransomware group.
The City of Dallas confirmed the ransomware attack, but assured residents police and fire rescue services will continue uninterrupted.
“Wednesday morning, the City’s security monitoring tools notified our Security Operations Center (SOC) that a likely ransomware attack had been launched within our environment. Subsequently, the City has confirmed that a number of servers have been compromised with ransomware, impacting several functional areas, including the Dallas Police Department Website,” the city’s statement said.
Twitter user Brett Callow shared a copy of a ransom note churned out of printers across the Dallas city network on the morning of May 3, threatening to leak data stolen from Dallas City systems.
“If you are reading this, it means your system were (sic) hit by Royal … ,” the note read. It goes on to offer to keep the data stolen from the City of Dallas secret — for a price.
City officials, meanwhile, said they are “currently working to assess the complete impact, but at this time, the impact on the delivery of City services to its residents is limited.”
The Royal ransomware group reportedly has roots in the now-defunct Conti gang and has taken aim at the healthcare sector in the past. Now the group has turned its ransomware strain against Dallas.
The Dallas Morning News reported Royal was behind a 2022 cyberattack against the Dallas Central Appraisal District after an investigation revealed an employee likely fell for a phishing lure.
“Governments are starting to take the threat of ransomware very seriously, and with good reason,” Christine Gadsby, vice president of product security, BlackBerry, said in a statement provided to Dark Reading. “Responding to incidents like this with transparency and establishing information-sharing protocols will give governments and organizations the best chance of protecting themselves against ransomware threats and avoid the high costs of downtime and ransomware payments.”
Read More HERE