The City of Dallas has confirmed it has suffered a ransomware attack, one that has taken out critical services.
Dallas issued a media advisory detailing the attack, as well as the impacted services;
Wednesday morning, the City’s security monitoring tools notified our Security Operations Center (SOC) that a likely ransomware attack had been launched within our environment. Subsequently, the City has confirmed that a number of servers have been compromised with ransomware, impacting several functional areas, including the Dallas Police Department Website. The City team, along with its vendors, are actively working to isolate the ransomware to prevent its spread, to remove the ransomware from infected servers, and to restore any services currently impacted. The Mayor and City Council was notified of the incident pursuant to the City’s Incident Response Plan (IRP). The City is currently working to assess the complete impact, but at this time, the impact on the delivery of City services to its residents is limited. Should a resident experience a problem with a particular City service, they should contact 311. For emergencies, they should contact 911.
Ransomware gangs have increasingly been targeting cities, hospitals, and local governments, with many of them providing softer targets than multi-billion dollar corporations and major government agencies.