The City of Dallas in Texas, US, has confirmed a ransomware attack took down essential services, including some 911 dispatch systems.
“Wednesday morning, the City’s security monitoring tools notified our Security Operations Center (SOC) that a likely ransomware attack had been launched within our environment,” the City wrote in a press release. “Subsequently, the City has confirmed that a number of servers have been compromised with ransomware, impacting several functional areas, including the Dallas Police Department Website.”
At the time of writing, the website of the Dallas Police Department remains unavailable.
“The City team, along with its vendors, are actively working to isolate the ransomware to prevent its spread, to remove the ransomware from infected servers, and to restore any services currently impacted,” the announcement adds. “The Mayor and City Council was notified of the incident pursuant to the City’s Incident Response Plan (IRP).”
Commenting on the news, Julia O’Toole, CEO of MyCena Security Solutions, said the fact that the attack is affecting crucial services such as the police, ambulance service and court proceedings could pose a severe risk to people.
“Ransomware is undoubtedly today’s biggest cybersecurity threat, with organizations suffering devastating attacks every week. However, most ransomware attacks can be avoided when organizations regain control of their network access,” she added.
Stephen Gates, the principal security expert at Horizon3.ai, echoed O’Toole’s point, adding that most successful ransomware attacks are primarily due to hidden vulnerabilities that have lain dormant within the inner bowels of a network for some time.
“It is imperative to get ahead of the game and find the vulnerabilities yourself by attacking your internal network the same way an attacker will,” Gates explained. “This is not a one-and-done proposition since you’ll never be able to manage your risk daily if you don't know where you’re vulnerable.”
The attack on the City of Dallas comes days after pediatric mental health provider Brightline warned patients that their data was compromised due to a breach related to a vulnerability in the Fortra GoAnywhere MFT secure file-sharing platform.