Massive Cyber ​​Attack Hijacks Various City of Dallas Services

Although cyber attacks on entire cities seem like something out of a science fiction movie, the city of Dallas, Texas, experienced it firsthand when it was the target of a ransomware attack, which is keeping several of its services hijacked.

As reported by Dallas authorities, on Wednesday morning, the city's security monitoring tools notified the Security Operations Center (SOC) that a probable ransomware attack had been launched in their environment.

The city later confirmed that multiple servers were compromised with ransomware, affecting several functional areas, including the Dallas Police Department website.

Upon detection of the attack, the City team, together with its vendors, began to actively work to isolate the ransomware to prevent its spread, to remove the ransomware from the infected servers, and to restore currently affected services. Efforts to recover the operation of all city services continued on Thursday afternoon.

“Since the City of Dallas Information and Technology Services detected a cyber threat Wednesday morning, employees have worked hard to contain the problem and ensure continuity of service to our residents. Although the source of the outage is still being investigated, I am optimistic that the risk is under control,” said Dallas City Manager TC Broadnax.

The City of Dallas is working around the clock to contain a network outage + restore service. For updates visit: https://t.co/8oyxaKDGah.

— City of Dallas (@CityOfDallas) May 4, 2023

Identify the attackers

Dallas authorities reported that a group called Royal initiated the attack that is keeping several city services down more than a day after the ransomware attack.

Ransomware or 'data kidnapping' in Spanish, is a type of harmful program that restricts access to certain parts or files of the infected operating system and demands a ransom in exchange for removing this restriction.