On Wednesday, officials from the City of Dallas, Texas confirmed that a ransomware attack had caused significant disruptions to important services, including the 911 dispatch systems. The attack compromised several of the city’s servers, leading to extensive service outages, and resulted in the Dallas Police Department website being unavailable.
The City of Dallas website has posted a message acknowledging the service outage and stating that efforts are underway to restore services, while updates on the incident page confirm that all courts were closed on Wednesday and will remain closed on Thursday.
Melinda Gutierrez, a spokesperson for the Dallas Police Department (DPD), informed media that the outage resulting from the ransomware attack has affected the Computer Aided Dispatch (CAD) systems that dispatchers and 911 operators use to manage and record incident calls. This has reportedly forced 911 call takers to write down instructions manually for responding officers, according to local media.
However, Gutierrez clarified that there has been no impact on 911 calls, which are still being dispatched for service, and the police response remains unaffected by the outage.
It has been reported that printers connected to the City of Dallas network started printing ransom notes on Wednesday morning. The Royal ransomware gang has taken responsibility for the attack, with a URL provided on the note that directs to a contact form on Royal’s dark web victims site. The note disclosed that critical data was encrypted and threatened to publish it online if the ransom demand is not fulfilled.
It is currently unclear what data, if any, has been stolen from the City of Dallas as they have not yet appeared on Royal’s dark web leak site. The Royal ransomware gang was first discovered in early 2022 and was recently the focus of a joint advisory issued by the FBI and CISA. The advisory alerted that the group has targeted various victims both domestically and internationally, including organizations in manufacturing, communications, education, and healthcare sectors.
According to the advisory, the Royal ransomware gang gains entry to victims’ networks through callback phishing, where they send emails pretending to alert the victim of an upcoming or existing service charge and urge them to call a provided phone number for more information. Once inside, the hackers proceed to disable antivirus software and extract significant amounts of data before launching the ransomware attack and encrypting the network’s systems. The ransom demands issued by the group range between $1 million to $11 million, however, it is not known if the City of Dallas has received any such demands from the attackers yet.
According to ransomware specialist Brett Callow, there have been 29 recorded cyberattacks targeting local governments in the U.S. in 2023 alone.
Private Businesses Also at Risk
The Cybersecurity and Infrastructure Security Agency (CISA) observed a shift in criminal tactics. The attackers appeared to be scaling back their focus on large corporations and critical infrastructure, which draws more attention, in favor of smaller businesses that might go unnoticed.
The Ransomware Taskforce reported that in 2022, companies with fewer than 500 employees were targeted in 70% of attacks. The report’s authors concluded that the blueprint’s purpose was to address a key obstacle for small and medium-sized businesses with limited cybersecurity expertise, who face challenges in defending against ransomware attacks.
Ransomware Protection for Small and Medium Sized Businesses
No small business is too small to become a victim of a ransomware attack. In today’s interconnected world, cyber-attacks have become increasingly common and sophisticated, and no business is immune to them. Small businesses, in particular, are at a higher risk of cyber-attacks, with research showing that they are the primary targets for ransomware attacks.
- Financial Loss – One of the most significant reasons small businesses need cybersecurity protection against ransomware is the financial loss it can cause. Ransomware attacks can lead to the loss of sensitive data and financial information, causing damage to a small business’s reputation and leading to significant financial losses. In some cases, ransomware attackers may even demand a substantial ransom amount to release the encrypted data, leading to further financial losses.
- Loss of Business Operations – A ransomware attack can also lead to the loss of business operations. Small businesses rely heavily on their digital infrastructure, including websites, servers, and databases, to manage their day-to-day operations. If these systems are affected by ransomware, it can lead to significant downtime and loss of revenue. In extreme cases, a ransomware attack can lead to a complete shutdown of a small business, leading to further financial losses and even bankruptcy.
- Reputation Damage – Small businesses rely heavily on their reputation to attract and retain customers. A ransomware attack can lead to the loss of customer data and sensitive information, causing damage to a small business’s reputation. This can lead to a loss of trust and credibility among customers, resulting in a decrease in sales and revenue.
- Compliance and Legal Issues – Small businesses are often subject to legal and regulatory compliance requirements. A ransomware attack can lead to non-compliance, resulting in significant fines and legal issues. Small businesses must protect their data and systems to avoid these issues and comply with regulations and laws.
- Increased Risk of Future Attacks – Finally, a ransomware attack can increase the risk of future attacks on a small business. Cybercriminals often target businesses that have already been victims of cyber-attacks, viewing them as vulnerable targets. A successful ransomware attack can lead to increased attention from cybercriminals, leading to further attacks and financial losses.
Small businesses must prioritize cybersecurity protection against ransomware to protect their financial, operational, and reputational interests. A cybersecurity plan should include regular backups of data, installation of antivirus software, and regular updates to software and security systems. Small businesses should also consider investing in cybersecurity insurance to protect themselves from financial losses in the event of a successful ransomware attack.
It’s critical to educate employees about cybersecurity best practices and to implement measures to prevent ransomware attacks. By prioritizing cybersecurity, small businesses can reduce their risk of becoming victims of ransomware attacks and protect their data, operations, and reputation.
Partnering with a reputable cybersecurity company will go a long way in ensuring a ransomware attack will not mean a disastrous end for your business. We have helped many companies in the DFW area and beyond increase their cybersecurity posture. Contact us to learn more.