Locking down some of its IT systems, the city of Dallas, Texas, was able to block the spread of the ransomware onslaught. Dallas City, Texas, is home to over 2.6 million people, which makes it the tenth most populous city in the United States.
It was claimed on Monday morning by local media that the City’s police communications and IT systems had been taken offline due to a suspected ransomware attack.
This means that instead of using a computerized dispatch system, 911 operators must now enter reports received for police manually. Due to the security incident, the Dallas County Police Department website was down for a while but is back online now.
Today, FOX 4 was able to confirm that the whole episode was caused by a ransomware attack after receiving a message from the City, which is included below.
Early this morning, Dallas City’s security monitoring technologies notified our Security Operations Center (SOC) that a ransomware attack had likely been launched inside our environment. Based on the message, a copy of which was obtained by Fox 4, read: “thereafter, we have confirmed that a number of servers have been compromised with ransomware, impacting several functional areas.”
All affected services will be restored as soon as possible, and the team is working hard to contain the ransomware to stop its spread. This message is being sent as part of the City’s Incident Response Plan (IRP) to alert you to a current security incident. We’ll update you with the latest details, including any potential impacts on City services, as soon as we have them.
Since the city’s court system’s IT systems are down, BleepingComputer has confirmed that all jury trials and jury duty for May 2 through today have been canceled. Emsisoft security expert Brett Callow claims that ransomware attacks against municipal governments are common, with at least one incident reported every week.
“More than once a week, incidents involve US local governments,” Callow said. There have been at least 29 ransomware attacks this year, with at least 16 victims having their data taken. Dallas is the largest city to be targeted in quite some time, and most of the events have involved smaller governments.
Officials from Dallas City have acknowledged that a ransomware attack struck the servers of the Dallas Police and other city departments on Wednesday. Early on Wednesday, the DPD website was taken offline after the city’s security monitoring tools discovered a potential ransomware attack that had compromised many local servers. As of 2:00 p.m., the website was operational again. The City team and its vendors are working hard to isolate the ransomware in order to stop it from spreading, remove the malware from infected systems, and restore any services that have been affected as of late, according to city spokesman Jenna Carpenter in an email.
Carpenter said that any disruptions to Dallas residents should be kept to a minimum, but in the event of an emergency, anyone having problems using city services should phone 311 or 911. According to an article published by CBS11 on Wednesday afternoon, the failures affected DPD’s computer-assisted dispatch system, CAD. According to the station, call takers for dispatch were required to manually record orders for field cops. Only their phones and radios allow police to respond.