City of Dallas Operations Widely Disrupted by Ransomware Attack

May 2, 2023

The City of Dallas, Texas, has suffered a Royal ransomware attack, causing it to shut down some of its IT systems to prevent the attack’s spread. Local media reported that the City’s police communications and IT systems were shut down Monday morning due to a suspected ransomware attack. This has led to 911 dispatchers having to write down received reports for officers rather than submit them via the computer-assisted dispatch system. The Dallas County Police Department’s website was offline for part of the day due to the security incident.

“Wednesday morning, the City’s security monitoring tools notified our Security Operations Center (SOC) that a likely ransomware attack had been launched within our environment. Subsequently, the City has confirmed that a number of servers have been compromised with ransomware, impacting several functional areas, including the Dallas Police Department Website,” explained a media statement from the City of Dallas. “The City is currently working to assess the complete impact, but at this time, the impact on the delivery of City services to its residents is limited. Should a resident experience a problem with a particular City service, they should contact 311. For emergencies, they should contact 911.”

BleepingComputer has also confirmed that the City’s court system canceled all jury trials and jury duty from May 2nd into today, as their IT systems are not operational. Dallas is the ninth largest city in the United States, with a population of approximately 2.6 million people.

read more

Ransomware Attack Halts Public Postal Services in Greece

March 20, 2022

Ransomware hit ELTA encrypting its systems and halting operations in a major service disruption. “Threat actors exploited an unpatched vulnerability to drop malware that allowed access to one workstation using an HTTPS reverse shell.” To stop the spread, they shut down all data centers. Online parcel tracking and labelling is also down for customers. Full service was restored by April 6th. The attack affected mail system, financial transactions and bill payments.

read more

IT Systems of Hydraulic Office of Corsica Attacked by Ransomware

November 3, 2022

The Hydraulic Office of Corsica was hacked on the night of November 2 to 3. The agents were faced with 33 completely blocked computer systems. They immediately took them offline after the malfunctions were noted. A ransom, the amount of which has not been disclosed, has been demanded.

Two weeks after the event the company published a press release. They needed time to analyze and evaluate the damage on IT infrastructures,. And needed the time to assess the damage before deciding what to do. The company stated that essential activities are carried out normally, and “those relating to customer management will quickly be back to normal” . The problem remains mainly with the accounting and financial management of the organization. A large part of the historical data has been encrypted, “making this data inaccessible at this moment” .

read more

55 Counties in Arkansas Offline or Temporarily Closed by Cyberattack

November 5, 2022

A cyber-attack is causing county offices across the state of Arkansas to go offline or temporarily close. The breach happened the Saturday before the election. There’s 55 counties in Arkansas that were impacted by this ransomware attack. Each affected county is using the company Apprentice Information Systems for its online servers.

In Miller County, the county treasure, the county clerk and the county judges offices, are all having their computers swiped clean, and having the system re-loaded. County Treasure Teresa Reed says the firewall protected their system, but all the work stations were compromised. Right now, her office is handwriting everything.

At this time (18 November), county officials do not have a timeframe for when their computers will be back online.

read more

Ransomware Attack Paralyzes Vanuatu’s Government Ministries and Departments

October 30, 2022

The Office of the Vanuatu Government Chief Information Officer (OGCIO) has confirmed the Government’s Broadband Network has been compromised since Sunday, November 6, 2022. As a result all the online services such as email, network shares, VoIP services and other government online services offered by the government are currently down. This has paralysed all government ministries and department causing widespread delays throughout the country.

The cyber attackers demanded a ransom after the network was initially crippled last week, but Vanuatu’s government has refused to pay. The identity of the hackers and the value of the ransom has not been released. The Australian Cybersecurity Centre in the Australian Signals Directorate is assisting Vanuatu’s government in rebuilding the system, according to foreign affairs and security officials familiar with the situation. Vanuatu’s government has now been without effective access to its internal systems for more than a week as engineers attempt to rebuild the entire system from scratch.

read more

Over 800 Greece Government Services Targeted in Unprecedented Cyberattack

November 11, 2022

More than 800 services of Greece’s and TAXISnet, as well as medical prescriptions, were frozen by an unprecedented DDoS attack. The cyberattack reportedly came from the Netherlands and attempted to temporarily take down or even completely stop the operation of approximately 800 Government websites. Among the problems caused, was to disabling electronic prescriptions. Doctors on call could only issue handwritten prescriptions on the weekend, on-call pharmacies could not fill emergency prescriptions, nor could hospital doctors prescribe to patients in emergency rooms.

As of Sunday afternoon (2 days later) about 600 websites had been “cleaned up” and were allowed access again after initializing settings.

read more

Restricted Operations at City of Drensteinfurt, Germany after Cyberattack

November 28, 2022

From an ongoing police procedure, it was determined on Monday that a possible cybercrime attack on the city of Drensteinfurt was being prepared. This is currently being checked and the Münster police have been called in. To be on the safe side, the entire systems have been shut down.

The city administration will be available again by telephone from Wednesday, November 30th, 2022 during normal business hours. The disruption in the IT system continues and only limited operation without IT support is possible until further notice.

The Rinkerode branch will remain closed. The restrictions will last at least until December 9th, 2022. The systems are currently being checked and gradually put back into operation.

read more

Operations Disrupted: Mexico Airport Internet Cables Cut

November 25, 2022

Passengers missed connections because thieves cut the fiber optic cables leading into the Mexico City airport, forcing immigration authorities to return to using slow paper forms. Authorities said the thieves who mistakenly thought the fiber optic cables were sale-able copper. They stressed it happened outside airport property but, in fact, it was a cable conduit that leads directly into the airport from less than a mile away.

Rogelio Rodriguez Garduño, an aviation expert who teaches aeronautical law at Mexico’s National Autonomous University, said the events reflect a decades long decay in Mexico’s aviation regulation. Mexico, unlike most countries, doesn’t have an independent aviation agency.

read more

Cyberattack Paralyzes Bulgarian Food Safety Agency Electronic Services

August 6, 2022

The Bulgarian Food Safety Agency (BFSA) is unable to provide electronic services because the Agency’s website and servers have come under a cyber attack, the BFSA said in a press release on Monday. The attack was detected on August 6, and the BFSA’s full range of functionalities and services are currently inaccessible.

Work is underway to restart the electronic services. The cyber attack does not affect the operation of Bulgarian border checkpoints, the BFSA specified.

read more

Cyberattack Closes City Hall in Denver Suburb

August 29, 2022

The demand was big: $5 million to unlock Wheat Ridge’s municipal data and computer systems seized by a shadowy overseas ransomware operation. The response was defiant: We’ll keep our money and fix the mess you made ourselves.

“The city has made the determination not to pay a ransom,” Amanda Harrison, a Wheat Ridge spokeswoman, said this week. It took three weeks from the Aug. 29 cyberattack for Wheat Ridge to determine that it had adequate redundancies and the know-how to put its databases and systems back into operation without the help of the hackers, who demanded payment in a hard-to-trace cryptocurrency known as Monero.

Following the attack, Wheat Ridge had to shut down its phones and email servers to assess the damage the cybercriminals had done to its network. That, in turn, prompted the city to close down City Hall to the public for more than a week.

read more