Dallas County officials stated Tuesday that a cyber attack they now ascertain used to be detected on October 19 has been contained with out a closure of products and services.
However, considerations stay about protective the non-public information of workers and proof for court docket circumstances.
The Tax Office at Dallas County’s Records Building and each and every different county serve as operated most often, officials stated.
Computer networks had been on-line for public get admission to. A hacker crew claims in an internet post that it accessed knowledge and plans to post it on Saturday.
“We have no idea whether what they say is true or not,” County Commissioner John Wiley Price stated.
There has been no ransom call for, in step with Price. Most Dallas County knowledge is public information anyway.
What may well be destructive is the general public unlock of county workers’ private information or proof for court docket circumstances.
University of Texas at Dallas Cyber knowledgeable Dr. Murat Kantarcioglu stated hackers in most cases attempt to get admission to extra delicate recordsdata.
“Usually, attackers leave some back doors open so they can continue the attack in the future. So, it’s really important to remove these back doors and any malware they left behind,” he stated.
Price stated county folks were operating to deal with the issues, and outdoor mavens investigating the problems have given sure comments to the reaction.
“IT took action. We notified all of our partners. They were on spot immediately. They said we have followed all of the protocols,” Price stated.
Dallas County govt is simply the newest North Texas goal of a cyber attack.
The City of Dallas used to be crippled in May by way of a ransomware attack.
To comprise any unfold, Police and Fire dispatch computer systems had been close down. Municipal Court closed. Library computer systems had been offline.
(*5*) Kantarcioglu stated. “Increasingly local governments are targeted by cyber-attacks.”
Now, Dallas Police were cautioned about digital communique with Dallas County prison courts.
“And they should. And we did the same things when we heard they had had a hit,” Price stated.
Kantarcioglu stated court docket recordsdata may well be an interesting goal to persuade the result of circumstances.
“Imagine there was a significant piece of video evidence against a person. If the evidence is not there, what are you going to argue,” he stated.
The UTD knowledgeable stated the revel in from different assaults is helping give a boost to reaction to new ones.
County officials stated there’s no indication that court docket proof has been hacked.
And they’re operating to offer protection to the non-public information of workers.
“I’m speaking from that vantage point,” Price stated.
It comprises the non-public information of elected officials just like the County Commissioners, too.
Here is all of the message posted by way of Dallas County Tuesday concerning the cyber incident.
Dear Residents and Partners,
Thank you on your inquiry. We worth our courting with you and your self belief in us. We can percentage the up to date information under concerning the fresh cybersecurity incident impacting Dallas County.
Description of the Incident
As you might be mindful, on October 19, 2023, Dallas County was acutely aware of a cybersecurity incident affecting a portion of our surroundings. Once we detected the incident, we retained exterior cybersecurity execs to lend a hand in our efforts to comprise the danger, examine the character and scope of the attack, and beef up our safety efforts to cut back the possibility of recurrence of this sort of attack.
Currently, our paintings with the cybersecurity company is ongoing. While our purpose is to be clear and coming near near with information with regards to the incident, we don’t need to make untimely assumptions concerning the extent of affect or different main points, which might evolve because the forensic investigation advances. Because transparency is vital to us, on the other hand, we’re sharing further information with regards to our containment efforts. The County will supply updates once extra information turns into to be had.
Containment and Additional Security Efforts
Due to our containment measures, Dallas County interrupted knowledge exfiltration from its atmosphere and successfully avoided any encryption of its recordsdata or techniques. It seems the incident has been successfully contained, in part because of the measures we now have carried out to reinforce the protection of our techniques. These measures come with:
- Extensive deployment of an Endpoint Detection and Response (EDR) instrument throughout servers and endpoints hooked up to our community.
- Forcing password adjustments for all customers to grant get admission to to our techniques.
- Mandating multi-factor authentication for faraway get admission to to our community.
- Blocking ingress and egress visitors to IP addresses known as malicious.
Currently, there’s no proof of ongoing danger actor task in the environment. Given those measures and findings, it sounds as if right now that the incident has been effectively contained and that Dallas County’s techniques are safe to be used.
Next Steps
We hope the information we will supply nowadays solutions questions you will have concerning the incident, and we admire your persistence and figuring out as we proceed to paintings via this procedure. Our staff and assets are centered on finishing the investigation. We will stay you apprised of related traits because the investigation continues via this devoted webpage. We inspire you to consult with it often.
Thank you on your persisted partnership and enhance.
[/gpt3]