Dallas City Systems Taken Down by Royal Ransomware

Courts closed, but police, fire rescues unaffected following ransomware attack.

Dark Reading Staff, Dark Reading

May 4, 2023

2 Min Read
City of Dallas Web page
Source: City of Dallas

Dallas city government systems are still not fully functioning following a cyberattack by the Royal ransomware group.

The City of Dallas confirmed the ransomware attack, but assured residents police and fire rescue services will continue uninterrupted.

"Wednesday morning, the City's security monitoring tools notified our Security Operations Center (SOC) that a likely ransomware attack had been launched within our environment. Subsequently, the City has confirmed that a number of servers have been compromised with ransomware, impacting several functional areas, including the Dallas Police Department Website," the city's statement said.

Twitter user Brett Callow shared a copy of a ransom note churned out of printers across the Dallas city network on the morning of May 3, threatening to leak data stolen from Dallas City systems.

"If you are reading this, it means your system were (sic) hit by Royal ... ," the note read. It goes on to offer to keep the data stolen from the City of Dallas secret — for a price.

City officials, meanwhile, said they are "currently working to assess the complete impact, but at this time, the impact on the delivery of City services to its residents is limited."

The Royal ransomware group reportedly has roots in the now-defunct Conti gang and has taken aim at the healthcare sector in the past. Now the group has turned its ransomware strain against Dallas.

The Dallas Morning News reported Royal was behind a 2022 cyberattack against the Dallas Central Appraisal District after an investigation revealed an employee likely fell for a phishing lure.

"Governments are starting to take the threat of ransomware very seriously, and with good reason," Christine Gadsby, vice president of product security, BlackBerry, said in a statement provided to Dark Reading. "Responding to incidents like this with transparency and establishing information-sharing protocols will give governments and organizations the best chance of protecting themselves against ransomware threats and avoid the high costs of downtime and ransomware payments."

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights