A Dallas agency has admitted to paying hackers $170,000 after being hit by a ransomware attack.
The Dallas Central Appraisal District (DCAD) publicly determines the value of all county real and personal property for tax purposes. disclosed It turned out to have been hacked on November 8th, 2022.
Agency disrupts all computer systems, website Over 2 months offline.
Dallas County Chief Appraiser Ken Nolan told reporters The attack likely entered the organization after an employee was tricked by a phishing email.
DCAD was under attack by the notorious Royal Ransomware group. The group demanded nearly $1 million worth of cryptocurrency to protect the decryption keys and stolen data from being published online.
Part of ransomware message:
“We are Royal Ransomware. If you are reading this note, we are in control of your system. We can help you guys. We need money.”
Nolan sought help from the FBI, and DCAD worked with third-party experts to help negotiate with the attackers.
Ultimately, $170,000 worth of Bitcoin was paid out by DCAD to the Royal Ransomware Group from a rarely used emergency reserve fund.
The decision whether to pay the ransom to the hackers is a contentious one, with strong views on both sides of the debate. , seems to have decided that there is no practical alternative.
The lengthy outage at DCAD has created headaches for realtors and homeowners who have relied on agency websites to gather information related to property owners. In its latest update on the violation, the DCAD stated that emails sent since the incident have not been received and cannot be received, and that many email addresses listed on the website’s contact page are still not working. warning that it is not being monitored or monitored.
As a result, agencies are asking realtors with pressing issues to contact them by phone rather than electronically.
In early December 2022, the equivalent agency of DCAD in Travis County, Austin will also Attacked by Royal Ransomware GroupBut it managed You can restore your system in as little as a week without paying the ransom to the hackers.