Dallas reinstates essential emergency response systems

Data on the Dallas systems hit by the recent attack appears to be intact, the city's CIO, Bill Zielinski, told city officials on Monday.

The widespread outage caused by last week's ransomware attack in Dallas has largely been resolved as of Monday, with the Dallas Police Department and city's websites restored as of Sunday. However, the city's computer-assisted dispatch system is still being recovered and restored, and a complete resumption is expected early this week.

The ransomware attack, attributed to the Royal ransomware group, has been a cause for concern since its inception. The group, which mainly comprises former members of the Conti ransomware group, has been targeting US organizations, particularly those in healthcare, manufacturing, and education.

The Royal ransomware group, first observed in mid-2019, is known for using multiple types of extortion to pressure victims to pay the ransom demand. In fact, the group has made ransom demands up to $25 million, and nearly two in three organizations victimized by Royal to date are based in the U.S.

The Royal ransomware group has claimed 157 organizations as victims to date on its leak site and will harass victims until the payment is secured. Brett Callow, a threat analyst at Emsisoft, cautioned against any sense of relief regarding potential sensitive data exposure, emphasizing the need for vigilance.

The city has been working with CrowdStrike on incident recovery and response, and receiving assistance from state and federal authorities. The investigation into the Dallas ransomware attack includes reviewing system and transaction logs, dark web monitoring for City of Dallas data, and checking for data exfiltration.

So far, the investigation has found no evidence or indication that any data was removed during the attack. However, the city has not shared an assessment of the financial impact of the attack and did not provide a timeline for a full recovery of all city services.

One of the most significant disruptions caused by the attack was the suspension of the city's municipal court system since Wednesday, which is still offline. The city's IT department is almost done reviewing all 1,900 mobile devices in police and fire vehicles.

Despite the challenges, Dallas was able to respond to emergency police and fire response calls while the systems were down. The Department of Health and Human Services issued a warning about Royal in January, and the FBI and Cybersecurity and Infrastructure Security Agency issued a joint advisory about the threat actor in March.

Conti, the ransomware group from which many Royal members originated, disbanded in May 2022 and took down key pieces of its infrastructure to initiate a massive reset of operations. The Royal ransomware group, however, continues its operations, posing a significant threat to US organizations.
