- BlackBit and LokiLocker Ransomware Attacks are on the Rise in Russia - August 17, 2023
- How Can Phishing be Used to Make Governmental Services a “Profitable Business”? - August 16, 2023
- The Most Dangerous Hacker Tools and How to Detect Them - August 16, 2023
A recent ransomware attack in Dallas has caused significant disruptions to city operations, adding to a series of intrusions that have plagued this densely populated region.
The Royal ransomware group has been actively targeting the Dallas metro area, launching attacks on multiple government institutions over the past six months.
Wave of Targeted Attacks Hits Appraisal District, School District, and City Services
In November 2022, a targeted attack on the Dallas Central Appraisal District signaled the start of the wave of assaults. The agency decided to pay a $170,000 ransom to restore access to its computers, according to a story in the Dallas Morning News.
The Royal ransomware gang attacked the Lake Dallas Independent School District in April. It was reported that almost 22,000 people’s personally identifiable information (PII) had been hacked in a notification to the Texas Attorney General’s office.
The recent attack on the city of Dallas has left critical services non-operational. Royal has issued threats to leak sensitive data unless a ransom is paid, although Dallas officials have stated that there is currently no concrete evidence of data being leaked.
Cybersecurity experts note that ransomware groups often strategize their campaigns based on geography or industry, targeting areas with lower security costs and the potential for higher profits.
Vulnerabilities Explored: Speculations on Attack Methods and the Target-Rich Dallas Region
Charles Henderson, worldwide managing partner and head of IBM Security X-Force, speculates that Royal may have discovered a flaw in a vendor providing services to several organizations in the Dallas area or started a phishing effort in connection with a noteworthy nearby event.
Government institutions, towns, and municipalities make for appealing targets for cyberattacks because of their wealth of valuable data and scarcity of resources. The Cybersecurity and Infrastructure Security Agency (CISA) uses cybersecurity performance targets and other tools to support such target-rich but resource-poor situations.
Given that it is the sixth-largest economic output region in the United States, the Dallas-Fort Worth metropolitan area makes for an alluring target for hackers. The Bureau of Economic Analysis estimates that in 2021, its gross domestic product (GDP) amounted to $598 billion.
Regarding the current spate of attacks in the Dallas region, CISA has held back from making any remarks. The agency identified phishing as the principal first access technique used by the Royal gang in a cybersecurity alert published in March, followed by the exploitation of remote desktop protocol, programs with public facing interfaces, and brokers.