Dallas, Texas hit by ransomware attack
Police and court websites have been impacted by the attack, which seems to have been executed by the Royal ransomware group
A ransomware attack struck the US city of Dallas, Texas on Wednesday, leading to outages in its Police Department and City Hall websites, as well as the cancellation of several jury trials.
According to officials, certain IT systems were shut down to prevent further damage from the cyberattack.
At the time of writing, the website of Dallas City Hall showed the following message: "The City is experiencing a service outage and is working to restore services. We appreciate your patience during this time."
Officials confirmed the ransomware attack in a media statement, noting that the incident had only caused a minor impact on the delivery of city services.
"Wednesday morning, the City's security monitoring tools notified our Security Operations Center (SOC) that a likely ransomware attack had been launched within our environment. Subsequently, the City has confirmed that a number of servers have been compromised with ransomware, impacting several functional areas, including the Dallas Police Department Website," the statement explained.
"The City is currently working to assess the complete impact, but at this time, the impact on the delivery of City services to its residents is limited."
No information was given by the officials on whether there were any specific financial demands made or any other details related to the incident.
Kristin Lowman, a spokeswoman for the Dallas police, told The Dallas Morning News that the department's website was down due to an outage.
Dallas Fire-Rescue spokesman Jason Evans said that the outage did not seem to impact 911 calls, although it did create issues with a computer-assisted dispatch system utilised to aid firefighters in responding to emergency calls.
"DFR has been running on manual dispatch operations since early this morning," Evans said.
According to a report by BleepingComputer, the ransomware attack was likely executed by the Royal ransomware group.
Multiple sources told the publication that network printers on the City of Dallas' network printed out ransom notes, in which the hackers claimed they had encrypted the city's critical data. They also threatened the officials of exposing confidential data on the internet.
The Royal ransomware group is thought to be a branch of the Conti cybercrime syndicate, which gained attention after Conti shut down its operations.
Although Royal is recognised for breaching networks using weaknesses in internet-exposed devices, it generally employs callback phishing attacks as a means of initial access to corporate networks.
Such attacks involve fraudulent emails posing as subscription renewals from food delivery and software providers.
Brett Callow, a threat analyst at Emsisoft, said that Royal is one of the most active ransomware groups and is responsible for as much as 10% of all ransomware attacks in the US, including an attack last month on Lake Dallas Independent School District.
Callow noted that ransomware attacks on local governments are occurring at a rate of over one per week.
As per reports, there have been 29 reported cyberattacks on local governments in the US this year alone.
The City of Oakland, California suffered a ransomware attack in February which resulted in the city's IT systems being shut down.
Ransomware has become one of the most expensive and disruptive problems for companies across the globe in recent years.
Last year NordLocker examined 18 sectors in various countries where businesses suffer the most ransomware attacks, and found that business services suffered the highest number of ransomware attacks (10.1%), followed by education (9.7%), construction (8.9%), transportation (7.7%), manufacturing (7.3%) and public sector institutions (5.7%).