The city of Dallas in Texas, USA, has confirmed that a ransomware attack knocked out essential services, including some 911 dispatch systems.
“Wednesday morning, the city’s security monitoring tools notified our Security Operations Center (SOC) that a probable ransomware attack had been launched in our environment,” the city wrote in a statement from press “Subsequently, the City has confirmed that multiple servers have been compromised with ransomware, affecting multiple functional areas, including the Dallas Police Department website.”
At the time of this writing, the Dallas Police Department website is down.
“The City team, along with its vendors, are actively working to isolate the ransomware to prevent its spread, to remove the ransomware from infected servers, and to restore currently affected services,” the announcement added. “The Mayor and City Council were notified of the incident in accordance with the city’s Incident Response Plan (IRP).”
Read more about cyberattacks affecting police forces in the US: Sensitive files of the San Francisco traffic police were allegedly leaked
Commenting on the news, Julia O’Toole, CEO of MyCena Security Solutions, said the fact that the attack is affecting crucial services such as the police, ambulance service and court proceedings could pose a serious risk to people
“Ransomware is arguably the biggest cyber security threat today, with organizations suffering devastating attacks every week. However, most ransomware attacks can be prevented when organizations regain control of their network access,” he added.
Stephen Gates, chief security expert at Horizon3.ai, echoed O’Toole’s point, adding that most successful ransomware attacks are mostly due to hidden vulnerabilities that have been lying dormant in the guts inside a network for some time.
“It’s imperative to get ahead of the game and find the vulnerabilities yourself by attacking your internal network the same way an attacker would,” Gates explained. “This is not a one-size-fits-all proposition, as you will never be able to manage your risk on a daily basis if you don’t know where you are vulnerable.”
The attack in the city of Dallas comes days after pediatric mental health provider Brightline warned patients that their data was compromised due to a breach related to a vulnerability in the secure Fortra file-sharing platform GoAnywhere MFT.
Source link
Recently, the Dallas Police Department was the victim of a ransomware attack, leaving their system compromised and the city scrambling for answers. This attack will cost the Dallas police an estimated $2.3 million, with the potential of many more millions in damages.
The incident has caused major disruption, particularly to the laptop/desktop and network systems that are responsible for everyday operations such as software and records management. As of now, the systems remain down, with all City of Dallas services, including police and fire services, impacted by the hack.
The Electronic Crimes Task Force, led by Dallas Police and the FBI, is working hard to identify and prosecute those behind this act. The ransomware gang – identified as Sodinokibi – is said to have demanded 300 Bitcoins in exchange for the data. Although the demand was not met and the attack was unsuccessful, the total damage created is still mounting and could go into millions.
We understand that this incident is deeply concerning to the Dallas community and beyond. At times like this, as a full stack tech company, Ikaroa has a responsibility to ensure that our data is secure and protected. We are committed to continuously review our security measures and make any needed improvements— putting the safety of our customers first and foremost.
We urge all organizations to be aware of their cyber posture. We suggest for businesses to have a method for managing and regularly auditing the security environment—as well as identifying security risks and patching vulnerabilities as need. No one is immune to cyber-attacks so a proactive approach to security is essential.
The Dallas Police Department incident highlights the need for all organizations, especially those with sensitive personal data, to invest heavily in their security. With the advancing complexity and sophistication of criminal organizations, security is something we all need to be mindful of.
