5/3/2023
Originally Published: 03 MAY 23 16:46 ET
By Sean Lyngaas, CNN
(CNN) -- The City of Dallas is dealing with a ransomware attack that took the Dallas Police Department website offline but so far appears to have limited impact on city services for residents, the city said in a statement on Wednesday.
City officials have "confirmed that a number of servers have been compromised with ransomware, impacting several functional areas," including the police department's website, the statement said.
Officials are working to contain the spread of the malicious software from city computer systems and to restore any affected services.
"The Dallas Police Department is being affected by an outage in the city," Kristin Lowman, a public information officer for the department, told CNN in an email. She did not respond to a question on how the hack is affecting the Dallas Police Department.
There were reports of computer outages or connectivity issues at other Dallas government agencies on Wednesday afternoon.
A computer system that processes records for the Dallas Court and Detention Services Department has been down since 6 a.m. local time on Wednesday, according to a person who answered the phone at the department Wednesday afternoon but declined to give their full name.
"Our system went completely down so there's not much we can see in terms of looking up people's citations and traffic tickets," the person said, adding they were unsure what caused the outage.
CNN has requested comment from the FBI and the US Cybersecurity and Infrastructure Security Agency on the Dallas hack.
This isn't the first time that a big American city's police department has been impacted by ransomware. A Russian-speaking criminal group leaked online a trove of data stolen from the Washington, DC, Police Department in 2021.
Ransomware attacks typically lock computer files so hackers can demand a ransom. Such hacking incidents have for years plagued state and local governments, which often don't have the money and personnel to deal with the threat. A 2019 attack on the city of Baltimore halted the city's ability to process water-billing payments for three months, according to The Baltimore Sun. Baltimore officials estimated at the time that the ransomware attack would cost the city at least $18 million.
In January 2022, two separate cyberattacks disrupted public services in New Mexico's most populous county, with one forcing the Albuquerque public school system to temporarily close and another knocking out cameras at a local jail.
Federal officials are trying to shore up the defenses of state and local governments with federal money and a new program to warn organizations that might be vulnerable to hacking threats.
Quentin Rhoads-Herrera, a Dallas-based cybersecurity executive, told CNN that when he is hired to test the cybersecurity of state and local governments, "we commonly find their security posture to be weaker than that of the average corporate company."
"This is not due to a lack of concern, but rather a lack of resources and manpower to address the ever-growing challenges of cybersecurity," said Rhoads-Herrera, who is CEO of security firm Vector0.