How long will this thing go on? Why haven't we paid the ransom already. The city has been pretty quiet on this. Apparently some IT guy is supposed to provide an update Monday.
Ransomware attack on city of Dallas
4,745 Views |
38 Replies |
Last: 1 yr ago by $30,000 Millionaire
I think it's a bigger deal than they are publicly letting on. Dallas PD is still having to manually dispatch calls using note cards... just one example.
Sounds like it'll be months before all systems are fully restored.
A third party vendor of staffing software that the city uses was hit with a ransom ware attack about 18 months ago, and that system crashed for a while. You'd think the city would've learned from that.
A third party vendor of staffing software that the city uses was hit with a ransom ware attack about 18 months ago, and that system crashed for a while. You'd think the city would've learned from that.
When you pay your CIO 200K, this is what happens.
For a city that big, their IT shop is not ready for primetime.
...or from the ransomware attack that knocked the Dallas Central Appraisal District offline late last year.double aught said:
Sounds like it'll be months before all systems are fully restored.
A third party vendor of staffing software that the city uses was hit with a ransom ware attack about 18 months ago, and that system crashed for a while. You'd think the city would've learned from that.
I know that's the county and not the city, but you would still think that would have served as a wake-up call.
They are one of the worst IT shops in America. Have said it before. This isn't the first catastrophe that has befallen them. It's clown world over there.FTAG 2000 said:
For a city that big, their IT shop is not ready for primetime.
Why would they pay the ransom?
All city data is public domain; the threat to "leak" their data is empty.
Once the virus/ransomware was detected, the city reacted quickly enough that blocked the attacker from gaining access / control of their systems. And since the ransomware was already released into the network, there's no pulling it back. You have to go device by device to scan, scrub and reset before you can resume business as usual again. That's a lot of devices for a city this big.
So paying the ransom would be giving money for nothing in return. Not to mention that victims who pay ransoms can also be penalized for criminal or civil crimes if the group is a terrorist org.
All city data is public domain; the threat to "leak" their data is empty.
Once the virus/ransomware was detected, the city reacted quickly enough that blocked the attacker from gaining access / control of their systems. And since the ransomware was already released into the network, there's no pulling it back. You have to go device by device to scan, scrub and reset before you can resume business as usual again. That's a lot of devices for a city this big.
So paying the ransom would be giving money for nothing in return. Not to mention that victims who pay ransoms can also be penalized for criminal or civil crimes if the group is a terrorist org.
It's not just that they were threatening a data leak - my understanding is they were actually making some of the data inaccessible, which could lead to problems with criminal trials. Also took down the dispatching system and other internal systems, as mentioned above.
Not that I'm necessarily arguing to pay the ransom - if I remember correctly, DCAD paid the ransom and still wasn't able to get all of the data back.
Regardless, I'm sure they have their top personnel on it!
Not that I'm necessarily arguing to pay the ransom - if I remember correctly, DCAD paid the ransom and still wasn't able to get all of the data back.
Regardless, I'm sure they have their top personnel on it!
Is it? The city has tons of personal data that would be redacted and never released to the public. SSNs, bank accounts, medical reports. I don't know if that stuff was compromised or not, but they better be taking it seriously.713nervy said:
Why would they pay the ransom?
All city data is public domain; the threat to "leak" their data is empty..
Thread title caught my eye because the city of Dallas has owed me $35k since February. When my attorney contacted them at 90 days past due, the AP office blamed the late payment on the ransomware situation and basically told him to file suit if he wanted to, but stated that their electricity in the office routinely gets shut off for lack of payment (?!?) and so they didn't really feel that paying me was going to be a priority for anyone, anywhere. Long story short, I will never do any work for Dallas again. What a **** show.
aglaohfour said:
Thread title caught my eye because the city of Dallas has owed me $35k since February. When my attorney contacted them at 90 days past due, the AP office blamed the late payment on the ransomware situation and basically told him to file suit if he wanted to, but stated that their electricity in the office routinely gets shut off for lack of payment (?!?) and so they didn't really feel that paying me was going to be a priority for anyone, anywhere. Long story short, I will never do any work for Dallas again. What a **** show.
Third world. Jesus.
Third world is right. I can't imagine how furious I'd be if I paid taxes there and found out that they can't even keep the electricity on.
The funniest part is that the contracting process was more laborious than most agencies I've ever worked with. In fact the only ones that compare in terms of hoops I had to jump through and number of employees involved were State of New York DCJS and the US Department of State. Why go through all that if you know you're not going to pay anyway? They could've just cut me a PO and saved everyone the weeks of work and effort. We'd have ended up in the same situation anyway.
The funniest part is that the contracting process was more laborious than most agencies I've ever worked with. In fact the only ones that compare in terms of hoops I had to jump through and number of employees involved were State of New York DCJS and the US Department of State. Why go through all that if you know you're not going to pay anyway? They could've just cut me a PO and saved everyone the weeks of work and effort. We'd have ended up in the same situation anyway.
They're still planning to pay you, right? Eventually?
Your guess is as good as mine. The procurement officer I worked with is mildly apologetic and insists that they always pay contractors, eventually. But the AP people my attorney spoke with very much made it sound like it was a toss up. Their fiscal year starts Oct. 1, so if I haven't been paid by then I'll assume it's not going to happen.
aglaohfour said:
Your guess is as good as mine. The procurement officer I worked with is mildly apologetic and insists that they always pay contractors, eventually. But the AP people my attorney spoke with very much made it sound like it was a toss up. Their fiscal year starts Oct. 1, so if I haven't been paid by then I'll assume it's not going to happen.
i expect them to actually send you an invoice for interest.
The front page article in the DMN yesterday essentially gave zero updates to the situation. Library still screwed up. No police call data available.
aglaohfour said:
Your guess is as good as mine. The procurement officer I worked with is mildly apologetic and insists that they always pay contractors, eventually. But the AP people my attorney spoke with very much made it sound like it was a toss up. Their fiscal year starts Oct. 1, so if I haven't been paid by then I'll assume it's not going to happen.
Just more lawlessness as we break down as a society.
I realize this is probably a dumb question, but...
Why, after replacing all the hard drives on all county machines, does the county not reinstall the backup they surely have? I can understand not wanting to take a chance on putting it back on current drives. Plus, they may want to take current machines and servers out of service.
Assuming they have sufficient backups, I'm wondering if something else is at play -- something they don't want the public to find out about. OR, is this a situation where backups simply do not solve the problem?
Why, after replacing all the hard drives on all county machines, does the county not reinstall the backup they surely have? I can understand not wanting to take a chance on putting it back on current drives. Plus, they may want to take current machines and servers out of service.
Assuming they have sufficient backups, I'm wondering if something else is at play -- something they don't want the public to find out about. OR, is this a situation where backups simply do not solve the problem?
Depending on how long the ransomware has been in their system, it's possible all backups could be corrupted.
Fenrir said:
Depending on how long the ransomware has been in their system, it's possible all backups could be corrupted.
There's no way to "clean" those files?
It's laughable you think Dallas has backups.
powerbelly said:
It's laughable you think Dallas has backups.
That's why I phrased it as a dumb question. I don't attach anything rational with Dallas, city or county. I don't know who's more incompetent AND corrupt: the city, county, or school district. However, I was wondering what a sound practice might involve.
I tried cases in Dallas county for many years. I will no longer touch their court system in any way.
Ransomware works because they lock you out of access to all your files. That doesn't work if they can just revert back to a recent but older backup.
And while I have no doubt the city of Dallas did not have their security up to snuff, reality is most local government and business tech infrastructures are susceptible to any talented hacking group. Throw in the ease of social engineering some of these offices and it's honestly surprising this stuff doesn't happen more often.
I just recently received an email from Dallas Public Library, announcing they're now "back in business!" after loss to their card catalog system due to the ransomware attack.
They also put out a plea for volunteers to help restock the shelves after they process all the check-ins. Oof.
They also put out a plea for volunteers to help restock the shelves after they process all the check-ins. Oof.
91AggieLawyer said:powerbelly said:
It's laughable you think Dallas has backups.
That's why I phrased it as a dumb question. I don't attach anything rational with Dallas, city or county. I don't know who's more incompetent AND corrupt: the city, county, or school district. However, I was wondering what a sound practice might involve.
I tried cases in Dallas county for many years. I will no longer touch their court system in any way.
The idea of "backups" is SO nuanced --
* Have they tested their backups to ensure they can restore the data?
* How/where is the data stored? If it's on tape, do they have the right equipment and fiber paths to get that data out quickly? If it's in "the cloud," what are the data costs?
* What's their RPO? Do they have a backup that'll hit the mark, or nah?
* Was the backup stored in such a way that it wasn't susceptible to the ransomeware attack?
* Do they have any infrastructure to restore to that isn't susceptible to re-infection?
I could go on and on.
You didn't hear it from me, but the rumor is that the ransom event originated from a member of the city council….
$30,000 Millionaire said:
You didn't hear it from me, but the rumor is that the ransom event originated from a member of the city council….
Oh brother.
$30,000 Millionaire said:
You didn't hear it from me, but the rumor is that the ransom event originated from a member of the city council….
Still less corrupt than the police and council teaming up to force businesses to pay mob perfection money
$30,000 Millionaire said:
You didn't hear it from me, but the rumor is that the ransom event originated from a member of the city council….
Username checks out that he's from Dallas
Somehow this is Philip Kingston's fault.$30,000 Millionaire said:
You didn't hear it from me, but the rumor is that the ransom event originated from a member of the city council….
Fact. Probably.Robert C. Christian said:Somehow this is Philip Kingston's fault.$30,000 Millionaire said:
You didn't hear it from me, but the rumor is that the ransom event originated from a member of the city council….
What is context here?Decay said:$30,000 Millionaire said:
You didn't hear it from me, but the rumor is that the ransom event originated from a member of the city council….
Still less corrupt than the police and council teaming up to force businesses to pay mob perfection money
Featured Stories
See All
58:45
3h ago
2.2k
13:46
5h ago
2.0k
Head coach Buzz Williams dives into Texas A&M's bye week routine
by Billy Liucci
Potent offense should be solidified by portal adds, talented youngsters
by Mathias Cubillan
17:09
6h ago
1.3k
Presenting Texas Aggies United's 'Florida Slam Dunk' Sweepstakes!
by Texas Aggies United
BOBHICA
Baseball America polled 50 coaches on the 2025 national champion
in Billy Liucci's TexAgs Premium
73
Fat Black Swan
Baseball America polled 50 coaches on the 2025 national champion
in Billy Liucci's TexAgs Premium
38