Dallas city sites still down after cyberattack
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Sarah Grillo/Axios
Several city services, including the municipal courts and the library catalog, remain offline after a ransomware attack on Dallas servers.
Driving the news: City officials have said it could take weeks before all systems are fully restored after the cyberattack on May 3.
- Calls to 911 and 311 have been handled through backup systems.
Why it matters: Ransomware attacks have become endemic, transitioning from a nuisance to a persistent threat to government agencies and businesses.
- The Dallas Central Appraisal District paid $170,000 after a similar attack in the winter, per the DMN.
How it works: Hackers install file-encrypting malware on an organization’s networks, taking its data hostage and shutting down systems until the hackers are paid.
- Many ransomware gangs are well-organized and regularly rebrand themselves to avoid detection.
Flashback: The appraisal district's site, servers and emails were shut down on Nov. 8.
- After that attack, Dallas IT staff "took immediate action" to update network firewalls and review the city’s own infrastructure, they said in a city memo.
Details: The appraisal district was targeted by ransomware gang Royal, which is also believed to be behind the most recent cyberattack.
- The group has targeted seven local governments, including Dallas', since 2022 and hit 14 educational institutions, reports Axios' Sam Sabin.
- Royal appears to include former members of Conti, a defunct Russian ransomware gang.
Threat level: Ransomware made up 68% of all cyberattacks last year, per a report from cybersecurity firm Sophos. The attacks dropped slightly in 2022 after skyrocketing in 2021.
The bottom line: Though some city services are still affected, it doesn't appear that personal data of residents, city employees or city vendors has been leaked, per city officials.