Did the Dallas Ransomware Attack Put Lives at Risk?

  • Thread starter bob012345
  • Tags
    hackers
  • #1
bob012345
The city of Dallas has been the target of a Ransomware Attack by criminal hackers for almost a week now. Some city services are still out. The public is not being told much except they think it is by a group called 'Royal'. Fire, Police, ambulance were all compromised as well as the other city services. I don't know if anyone died as a result of the attack but I would not be surprised.

https://www.washingtonpost.com/poli...ights-ransomwares-risks-public-safety-health/
 
  • #2
If this is state-sponsored and someone dies, the US should send a half dozen cruise missiles into the capital of the sponsor. While they will not convince anyone that it is wrong to do this, they may convince them that it is unsafe to do this.
 
  • #4
Vanadium 50 said:
If this is state-sponsored and someone dies, the US should send a half dozen cruise missiles into the capital of the sponsor.
Looks like we already tried that. Well, it was more like a guided weather balloon that was shot down at the last second...

https://www.cnn.com/2023/05/04/europe/kremlin-drone-attack-analysis-intl/index.html

And if we're going to go after the hackers that sent the original phishing e-mails that gained them the access, shouldn't we also punish the dumb Dallas city ******s that opened those e-mails and clicked on the links? :wink:
 
  • #5
berkeman said:
And if we're going to go after the hackers that sent the original phishing e-mails that gained them the access, shouldn't we also punish the dumb Dallas city ******s that opened those e-mails and clicked on the links? :wink:
I see the wink but no, let's not blame the victims.
 
  • #6
bob012345 said:
I see the wink but no, let's not blame the victims.
I dunno. The Darwin awards come to mind, but usually those don't involve lots of collateral damage...
 
  • #7
bob012345 said:
I see the wink but no, let's not blame the victims.
Blame for the attack is a legal and/or moral culpability for the bad actions. It clearly does not apply to victims. But users are not free from personal responsibility for their own actions just because they were victims. Vigilance is an affirmative responsibility, and users can be blamed for their own actions regardless of the separate issue of the attack. Far too many people do not give digital security its due attention. For some circumstances such as for those with security clearances, that is its own crime.

You can't have a teachable moment without fault for an error. Step 1 of learning is acknowledging a mistake. And to that end, cybersecurity should involve routine testing of defenses with consequences for repeat offenders.
 
  • #8
russ_watters said:
Blame for the attack is a legal and/or moral culpability for the bad actions. It clearly does not apply to victims. But victims are not free from personal responsibility for their own actions. Vigilance is an affirmative responsibility, and victims can be blamed for their own actions regardless of the separate issue of the attack. Far too many people do not give digital security its due attention. For some circumstances such as for those with security clearances, that is its own crime.

You can't have a teachable moment without fault for an error. Step 1 of learning is acknowledging a mistake.
Who says there is anything to teach or that it was some mistake by a civil servant? I think Russian professionals can hack into a system by themselves.
 
  • #9
bob012345 said:
Who says there is anything to teach or that it was some mistake by a civil servant? I think Russian professionals can hack into a system by themselves.
That's not usually how these things work. They are usually breaches due to phishing or similar email spam scams. A user clicks a bad link in an email or downloads and executes the virus/worm themselves.

https://security.berkeley.edu/faq/ransomware/
 
  • #10
bob012345 said:
Who says there is anything to teach or that it was some mistake by a civil servant? I think Russian professionals can hack into a system by themselves.
How many mandatory annual trainings have you gone through in this? How many phishing e-mails per month do you receive?
 
  • #11
russ_watters said:
That's not usually how these things work. They are usually breaches due to phishing or similar email spam scams. A user clicks a bad link in an email or downloads and executes the virus/worm themselves.

https://security.berkeley.edu/faq/ransomware/
Royal does that much of the time but also can gain direct control through other tools. Just found out that the Dallas Central Appraisal District was hit last year by Royal and they actually paid 170k to the hackers. Operations were impacted for 72 days. What a shame.
 
  • #12
Made you look. And run your anti-virus software now please...
 
  • #13
berkeman said:
How many mandatory annual trainings have you gone through in this? How many phishing e-mails per month do you receive?
My company needs to step up their game. We had some training and a test more than a year ago and that's the only time ever, minus an occasional warning after half a dozen people click a malicious link in one attack. It's shockingly, head-shakingly easy to get people to click malicious links/attachments.
 
  • #14
I now get 6-8 pretty realistic phishing e-mails a month, but fortunately our company e-mail system reminds us when e-mails originate from outside our company (even if the source e-mail looks valid).

In my previous company, they added a few extra characters onto our e-mail addresses to make phishing e-mails pretty much non-existent.
 
  • #15
bob012345 said:
links gangs to Russian Intelligence service
  • That someone is guilty of other bad things doesn't mean they are guilty of this bad thing.
  • "Links" is a nebulous word - that's why I used the term "sponsor".
  • If a foreign power's position is "Give us money or we will damage your infrastructure and kill your people" they shouldn't be surprised if their intended victim takes steps that indicate this position is...um...imprudent.
 
  • #16
berkeman said:
How many mandatory annual trainings have you gone through in this? How many phishing e-mails per month do you receive?
I'm not on any company network, just a lone, private computer which is a Mac. I also get email on an iPad. I try to be very careful not to just click on unsolicited links in emails. Only once in a great while do I get a message that looks suspicious. I also try not to forward emails with unknown links to others, usually only links I generated or otherwise trust. But still, I could be fooled by professional criminals.
 
  • #17
bob012345 said:
But still, I could be fooled by professional criminals.
While I'm sure it's possible, most of the time they don't put forth such effort; they just saturation bomb an easy/mediocre attack and pick off the weaker ones in the flock. Most phishing attacks (including the major one we just had) can be thwarted simply by hovering your cursor over the link and reading the URL. But it only has to defeat a fraction of a percent of users to succeed.
 
  • #18
When I was working, we would periodically get emails asking us to do this or that, secretly sent by the IT security guys. These were tests, to see if we would click, ignore, or report. The one I remember said "You have won a free pizza from [popular pizza joint down the street]!! click to get your coupon!" The email looked like a poster from the pizza place, very convincing reproduction of their logo and advertising slogans. I nearly fell for that one.
 
  • #19
As of yesterday, Dallas' chief IT official refuses to rule out paying a ransom and says "all options are on the table". He said that there were no signs that banking data had been breached but told customers to "watch for any suspicious activity". I called my bank. They were unaware there was an attack. In the last attack on Dallas the city hired a third party to negotiate the ransom because Royal had encrypted the city tax database and the city had no paper or physical backup. This is why I opt for paper bank statements.
 

FAQ: Did the Dallas Ransomware Attack Put Lives at Risk?

Did the Dallas ransomware attack affect healthcare facilities?

Yes, the Dallas ransomware attack did impact some healthcare facilities. Cyberattacks on critical infrastructure can disrupt hospital operations, delay medical procedures, and limit access to patient records, which can potentially put lives at risk.

Were emergency services in Dallas compromised during the ransomware attack?

Emergency services, including 911 dispatch systems, were affected by the ransomware attack in Dallas. This disruption can delay emergency response times and hinder coordination among first responders, thereby posing a risk to public safety.

How long did it take to restore affected systems after the ransomware attack?

The time required to restore affected systems can vary depending on the severity of the attack and the effectiveness of the response measures. In the case of the Dallas ransomware attack, it took several days to weeks to fully restore all systems and ensure they were secure.

What measures were taken to mitigate the impact of the ransomware attack on public safety?

To mitigate the impact, authorities implemented contingency plans, including manual operations for critical services, increased cybersecurity measures, and collaboration with federal agencies to investigate and resolve the attack. Public advisories were also issued to keep residents informed and prepared.

Could the ransomware attack have been prevented?

While it is challenging to prevent all cyberattacks, implementing robust cybersecurity practices, regular system updates, employee training, and incident response planning can significantly reduce the risk and impact of ransomware attacks. In the case of Dallas, ongoing improvements and investments in cybersecurity are essential to prevent future incidents.
