US’s ninth largest city has suffered a major ransomware attack and the attack has impacted many public websites and IT systems. Not only the data of almost 30,000 people was compromised but some sensitive data and Social Security numbers were compromised too. With each passing day, the problem of ransomware attacks has been expanding and causing problems for everybody. Nobody wants their personal information to be shared like this and never via hacking. Not only this is immoral but illegal too. But hackers still are not ready to give up yet.
What Exactly Happened in Dallas: A Detailed Rundown?
In May (2023), the city services of Dallas were affected due to a ransomware attack. The attack leaked information of 30,000 people and that number can still climb as per officials. Then in August, files with social security numbers were also stolen. This may include health insurance information and medical information.
The number is way too big but the Dallas officials clarified only some sensitive data was taken. The chief information and technology security officer, Mr. Brian Gardner informed it was the royal hacker group. They performed a survey on the system almost a month ago (that is April). This included reviewing user accounts, encrypting files, and downloading data.
By the time the hack was detected, the hackers already downloaded 1.2 terabytes of data. They tried hacking again the next day and then the attack shut down municipal court scheduling, computer-aided dispatching for the fire department and city police, and all the online payments of the city. Most of the online services were not available for use. Water utility service was also hacked.
With the emergence of so many problems, the city of Dalla did not give up. They came stronger with quick responses. Let us have a look at those crucial and helpful decisions:
Measures taken by the official
- As per the reports of the city officials and officers, after the incident, a cybersecurity program review was done by the Information and Technology Services Department.
- The City of Dallas conducted security and privacy assessments to find out the existence of any hackers and to find out the possibility of any further ransomware attacks.
- Recovery and backup processes were performed.
- The police department switched from an online dispatch system to a 911 manual call dispatch system.
- Public safety and security were kept as the top priority the whole time.
- The police chief Eddie Garcia informed and assured “ We want to ensure the public that even with these internal difficulties, police response continues across the city, Regardless of the uphill battles, our men and women will always answer calls for service”.
- As discussed above, water services were hacked but the city kept the taps running.
- The FBI also formed a force especially to look into this incident
- The city has increased the budget for cybersecurity spending in its yearly budget.
- $8.5 million is stored for recovery and mitigation efforts and cyberattack prevention.
Read Here: Rackspace Ransom Attack : The Ransom Attack On Rackspace Led To 30,000 Customer Email Outages
The Royal Ransomware Gang and its incentive
As per the experts, the group started its operation in May 2022 and after a year CISA that is Cybersecurity and Infrastructure Security Agency warned the organisations against it. The agency also informed, that the gang always demands huge amounts that can go to millions. Till November (2022) the gang had already received around $170,000.
Everything related to the incident was unknown till the city released: “Ransomware Incident: May 2023 Incident Remediation Efforts and Resolution”. The report mentioned everything in detail. From tools and techniques used, the timeline of attack to initial attacks. However, the report did not mention how the service accounts were compromised. What we know is the attack involved compromised credentials and the vast knowledge of hackers about the organizations they attacked. The gang tricked the employees of these organizations to give their information and credentials.
Dalla was also blackmailed for money. The amount is still not known but it does not matter anymore. Till now, money is the only demand that they have come up with. However, the situation can accelerate at any point in time and can cost the firm more than just money.
Also Read: Verizon Visible Gets Attacked: Know More About The Cyber Threat
How not to fall victim to hacking?
- Analysis of network traffic and security logs should be done by every organization.
- A zero-trust framework should be built and vulnerabilities in an organization (that can lead to hacking) should be looked for.
- Antivirus software should be installed on all devices.
- All organizations and individuals should use complex passwords and should never use compromised and leaked passwords.
- Two-factor authentication should be used by both users and organizations.
- All should avoid using unsecured public wifi and networks.
- Organizations should help their users and workers enhance their security by using security apps. This adds another layer of protection.
- Always ignore spam. This will prevent the infiltration of hackers into the system.
- The machines and gadgets in use should be shut down to be less visible to hackers.
- The workers should be provided with cybersecurity training and effective employee training.
Conclusion
The hacking has become a never-ending problem. Every day we hear a new system or official sites or governmental websites getting hacked. This hacking has devastated many learning institutions and various government agencies. Hackers always find a way, no matter how strong your algorithm is or how good protection you provide to your users. The information that they hack is important and confidential and they are confidential for a reason and for that exact reason, they get an incentive to hack it.
Even after all this, our protection is in our own hands. No matter what happens we need to bounce back and fight stronger. Every user is advised to protect their information and use everything wisely. Precaution is better than cure. All users are advised to cultivate cyber awareness. The above-mentioned tips will help all users.
Read More: Tesla Robot Attack
