City of Dallas First of Several Ransomware Attacks in 2023

A ransomware attack on the city of Dallas has brought the city’s 911 Computer Aided Dispatch to a halt, forcing first responders to rely on a backup radio dispatch system. 

Information Technology Director Bill Zielinski briefed Dallas City Council members publicly for the first time since the ransomware attack. No official news conference has been held.

“The city cannot comment on specific details related to the method or means of the attack, the mode of remediation or potential communication with the party launching the attack,” he said. “Doing so risks the criminal investigation or exposing critical information that could be exploited by the attacker.”

IT professionals with the city are unable to predict how long the computer systems will be affected. No personal data leaks have been reported.

The ransomware attack has also impacted the system used by police for offense reports and jail intake is also affected, forcing personnel to conduct those tasks manually. The Dallas Police Department’s website, internal share drives and applications for personnel matters are also affected, according to Dallas police Chief Eddie García.

García said the department’s operations have been “significantly impacted” by the outage. A group called Royal is responsible for the ransomware attack.

The city’s Information and Technology Services department “isolated the issue and is gradually restoring service prioritizing public safety and resident-facing departments,” the city said in a release on May 4.

The Dallas attack is just one of several impacting cities so far in 2023. The threat group, known as Play, began an attack on the City of Oakland computer systems in February. The group posted the data on its leak site. “The [February] attack is not affecting residents’ ability to call 911. Nor has it affected the city’s financial data or fire resources. The public also can still file crime reports on the city’s website,” according to Bay City News. 

The Oakland police officers’ union filed a claim against the city for damages suffered due to the ransomware attack. The claim from the Oakland Police Officers’ Association seeks monetary damages as well as credit monitoring services, bank monitoring services, credit restoration services and identity theft insurance.

Allen Park, Michigan was a victim of ransomware in March. “The ransomware threat by LockBit 3.0 was announced on the hacking group’s website on the dark web. Officials in Allen Park have not commented publicly on the threat,” according to CBS News Detroit. Hackers are threatening the city, demanding officials pay up or face a public release of all the city’s data. The ransomware threat by LockBit 3.0 was announced on the hacking group’s website on the dark web.

In its “Cost of a Data Breach 2022” report, IBM revealed an average ransom payment of $812,360. The actual ransom payment, however, is only part of the total cost of a ransomware attack, which IBM pegs at $4.5 million on average. IBM also noted that it takes an average of 49 days longer than other types of attacks for organization to identify and remediate ransomware breaches.

According to Corvus Insurance, there was a 60 percent increase in ransomware attacks between January and February alone.