One month after the Royal ransomware attack that struck the city of Dallas, officials announced that they have made significant progress in restoring their network. Despite the progress, there is still a long way to go before everything is completely restored. The attack took place on May 3, and affected many of the city’s services including non-emergency services, libraries, animal shelters, safety departments and online payment systems.
According to a statement released by the city of Dallas, the IT team has managed to restore 90% of the network that was affected by the ransomware attack. The threat actor behind the attack demanded a ransom payment, threatening to release sensitive private data if their demands were not met. However, the city refused to pay the ransom and no private data seems to have been released so far.
Reports suggest that the recovery phase has allowed officials to boost the software and functionality in many of the city’s public departments. “Our staff has worked tirelessly to restore and rebuild systems and return all systems to full functionality as quickly and securely as possible. At this time, we are more than 90 percent restored, with most public-facing services restored,” stated the city of Dallas in a released statement. The city also assured residents that they will continue to keep them updated with relevant information throughout the process.
Some of the systems that have been rebuilt and restored include the Dallas Water Utilities’ payment and meter reading system as well as the Dallas Municipal Court, though the Dallas Public Library systems remain in the process of being restored and upgraded. The city of Dallas also stated that they are working with cybersecurity experts to implement additional steps to further enhance their security posture, including deploying a system-wide reset across all user accounts, implementing additional cybersecurity software, expediting the implementation of additional controls, and completely rebuilding impacted systems in a new, secure environment.
The scope of the attack and what has not been restored has not been disclosed to the public, and officials have not stated when they expect all systems to be completely restored. This attack serves as a reminder of the growing threat of ransomware attacks and how organizations need to be better prepared to handle them.
It is important for organizations, both big and small, to have a disaster recovery plan in place and regularly test it to ensure that it is effective. Additionally, it is crucial to provide regular cybersecurity training to employees to ensure that they are aware of the latest threats and how to protect against them. These measures can go a long way in preventing ransomware attacks and help organizations to respond effectively if they are targeted.
Meanwhile, the city of Dallas has reiterated that they are working diligently to restore full functionality as quickly as possible, and are thankful for the patience and support shown by their community during this period of recovery. To minimize the risk of future attacks, officials will continue to work with cybersecurity experts to ensure that their systems are more secure than ever before.