Dallas restores core emergency-dispatch systems

Dallas officials on Monday said critical services have been restored following a widespread outage caused by last week’s ransomware attack. The Dallas Police Department and city’s websites are back online as of Sunday, Bill Zielinski, CIO for the City of Dallas, said during a city council public safety committee meeting.

The city continues to recover and restore access to its computer-assisted dispatch system. The city’s municipal court system remains offline, and court hearings and trials have been suspended since Wednesday.

“We have made tremendous progress in fully restoring functionality to the computer-aided dispatch system,” Zielinski said. “The core part of the system is fully restored. It has been online for several days and available for use by both fire and police departments.”

The city’s IT department is almost done reviewing all 1,900 mobile devices in police and fire vehicles, and it started turning those on and reconnecting devices to the network. When that process is complete, “we’ll have full and complete dispatch capability to where we have moved wholly away from the manual operations,” Zielinski said.

A complete resumption of computer-assisted dispatch will be achieved early this week, the city said Monday in an update on the ransomware attack response. Dallas was still able to respond to emergency police and fire response calls while the systems were down.

Ransom demand unknown

While Dallas officials blamed the attack on Royal, the city did not say whether the prolific ransomware group made a ransom demand. The city is exploring all options to remediate the incident, Zielinski said.

“This is an ongoing criminal investigation and the city cannot comment on specific details related to the method or means of the attack, the mode of remediation or potential communications with the party launching the attack,” Zielinski said. “Doing so risks impeding the investigation or exposing critical information that can potentially be exploited by the attacker.”

The city is working with CrowdStrike on incident recovery and response, and receiving assistance from state and federal authorities.

The city declined to share an assessment of the financial impact from the attack while the investigation is ongoing and did not provide a timeline for a full recovery of all city services.

To read the complete article, visit Cybersecurity Dive.