Dive Brief:
- Multiple critical services remain down two weeks after Dallas was hit by a ransomware attack that caused widespread outages to city services.
- The city’s municipal court still can’t access payments and all court hearings, trials and jury duty have been canceled until further notice. While computers are back online in police vehicles, the rest of the Dallas Police Department’s systems remain unavailable.
- A complete recovery and restoration of services could be weeks away, the city said Monday in a statement. “Given the complexity of checking, cleaning and restoring interoperability to remaining departmental devices, systems and applications, it will likely take weeks to get back to full functionality,” the city said Monday in a statement.
Dive Insight:
The slow pace of recovery for Dallas isn’t uncommon — average ransomware recovery times are measured in weeks, not days — but for a city of nearly 1.3 million people, the unavailable services caused by the continued downtime are amplified.
“It’s impossible to estimate how long the recovery process will take,” Brett Callow, threat analyst at Emsisoft, said via email. “Some systems will likely come back online before others. It could be months before everything returns to normal.”
City officials on Tuesday underscored the ongoing negative impacts on public safety, just as it prepares for a data-driven summer safety program designed to help reduce crime during a season when crime rates typically increase.
“I don’t have the data on a daily basis. So yes, to be honest it’s problematic,” Dallas Police Chief Eddie Garcia said Tuesday at a news conference, according to WFAA. “It’s severely impacting our ability to plan for what we’re trying to do, so we are going on historical data.”
Other challenges, such as inputting a weeks-long backlog of information, await police personnel when systems are restored, Garcia said.
The city’s IT department recovered and restored access to multiple public services and websites within a week of the attack, but other systems are still down.
“There is still no indication that data from residents, vendors or employees has been leaked,” Dallas said Monday in a statement.
While Dallas officials previously blamed the attack on Royal, the city has not said whether the prolific ransomware group made a ransom demand.
The city’s press department did not respond to requests for comment.