Did the Dallas Ransomware Attack Put Lives at Risk?

  • Thread starter Thread starter bob012345
  • Start date Start date
  • Tags Tags
    hackers
Click For Summary

Discussion Overview

The discussion revolves around the implications of a ransomware attack on the city of Dallas, particularly focusing on the potential risks to public safety and the accountability of various parties involved. Participants explore the nature of the attack, its possible state sponsorship, and the responsibilities of individuals and organizations in cybersecurity.

Discussion Character

  • Debate/contested
  • Technical explanation
  • Conceptual clarification

Main Points Raised

  • Some participants express concern that the ransomware attack could have endangered lives, particularly as emergency services were compromised.
  • There are suggestions that if the attack is state-sponsored and leads to fatalities, retaliatory actions, such as military strikes, should be considered.
  • Participants discuss the connection between ransomware gangs and Russian intelligence, with some citing articles that link the 'Royal' gang to state-sponsored activities.
  • There is a debate about the accountability of city employees who may have clicked on phishing emails, with some arguing that while they are victims, they also bear some responsibility for their actions.
  • Others counter that blaming victims is inappropriate, emphasizing that the attackers are primarily at fault.
  • Some participants highlight the prevalence of phishing attacks and the ease with which users can be deceived, suggesting that more training and vigilance are necessary.
  • Concerns are raised about the effectiveness of cybersecurity training and the frequency of phishing attempts that employees encounter.
  • There are discussions about the potential for the city to pay a ransom, referencing previous incidents where payments were made to recover data.

Areas of Agreement / Disagreement

Participants do not reach a consensus on the responsibility of individuals versus the attackers, with some advocating for personal accountability while others firmly reject this notion. The discussion remains unresolved regarding the implications of state sponsorship and the appropriate responses to such attacks.

Contextual Notes

Participants express varying levels of concern about the adequacy of cybersecurity measures and the potential consequences of the attack, but there is no agreement on specific actions or outcomes.

bob012345
Gold Member
Messages
2,323
Reaction score
1,041
The city of Dallas has been the target of a Ransomware Attack by criminal hackers for almost a week now. Some city services are still out. The public is not being told much except they think it is by a group called 'Royal'. Fire, Police, ambulance were all compromised as well as the other city services. I don't know if anyone died as a result of the attack but I would not be surprised.

https://www.washingtonpost.com/poli...ights-ransomwares-risks-public-safety-health/
 
Reply
  • Sad
  • Informative
  • Wow
Likes   Reactions: Wrichik Basu, dlgoff and berkeman
Physics news on Phys.org
If this is state-sponsored and someone dies, the US should send a half dozen cruise missiles into the capital of the sponsor. While they will not convince anyone that it is wrong to do this, they may convince them that it is unsafe to do this.
 
Reply
  • Like
Likes   Reactions: russ_watters and bob012345
Vanadium 50 said:
If this is state-sponsored and someone dies, the US should send a half dozen cruise missiles into the capital of the sponsor.
Looks like we already tried that. Well, it was more like a guided weather balloon that was shot down at the last second...

230503150138-01-kremlin-purported-drone-attack.jpg

https://www.cnn.com/2023/05/04/europe/kremlin-drone-attack-analysis-intl/index.html

And if we're going to go after the hackers that sent the original phishing e-mails that gained them the access, shouldn't we also punish the dumb Dallas city ******s that opened those e-mails and clicked on the links? :wink:
 
berkeman said:
And if we're going to go after the hackers that sent the original phishing e-mails that gained them the access, shouldn't we also punish the dumb Dallas city ******s that opened those e-mails and clicked on the links? :wink:
I see the wink but no, let's not blame the victims.
 
bob012345 said:
I see the wink but no, let's not blame the victims.
I dunno. The Darwin awards come to mind, but usually those don't involve lots of collateral damage...
 
bob012345 said:
I see the wink but no, let's not blame the victims.
Blame for the attack is a legal and/or moral culpability for the bad actions. It clearly does not apply to victims. But users are not free from personal responsibility for their own actions just because they were victims. Vigilance is an affirmative responsibility, and users can be blamed for their own actions regardless of the separate issue of the attack. Far too many people do not give digital security its due attention. For some circumstances such as for those with security clearances, that is its own crime.

You can't have a teachable moment without fault for an error. Step 1 of learning is acknowledging a mistake. And to that end, cybersecurity should involve routine testing of defenses with consequences for repeat offenders.
 
Reply
  • Like
Likes   Reactions: Astronuc and berkeman
russ_watters said:
Blame for the attack is a legal and/or moral culpability for the bad actions. It clearly does not apply to victims. But victims are not free from personal responsibility for their own actions. Vigilance is an affirmative responsibility, and victims can be blamed for their own actions regardless of the separate issue of the attack. Far too many people do not give digital security its due attention. For some circumstances such as for those with security clearances, that is its own crime.

You can't have a teachable moment without fault for an error. Step 1 of learning is acknowledging a mistake.
Who says there is anything to teach or that it was some mistake by a civil servant? I think Russian professionals can hack into a system by themselves.
 
bob012345 said:
Who says there is anything to teach or that it was some mistake by a civil servant? I think Russian professionals can hack into a system by themselves.
That's not usually how these things work. They are usually breaches due to phishing or similar email spam scams. A user clicks a bad link in an email or downloads and executes the virus/worm themselves.

https://security.berkeley.edu/faq/ransomware/
 
  • #10
bob012345 said:
Who says there is anything to teach or that it was some mistake by a civil servant? I think Russian professionals can hack into a system by themselves.
How many mandatory annual trainings have you gone through in this? How many phishing e-mails per month do you receive?
 
  • #11
russ_watters said:
That's not usually how these things work. They are usually breaches due to phishing or similar email spam scams. A user clicks a bad link in an email or downloads and executes the virus/worm themselves.

https://security.berkeley.edu/faq/ransomware/
Royal does that much of the time but also can gain direct control through other tools. Just found out that the Dallas Central Appraisal District was hit last year by Royal and they actually paid 170k to the hackers. Operations were impacted for 72 days. What a shame.
 
  • #12
Made you look. And run your anti-virus software now please...
 
Reply
  • Like
  • Haha
Likes   Reactions: JT Smith, gmax137 and topsquark
  • #13
berkeman said:
How many mandatory annual trainings have you gone through in this? How many phishing e-mails per month do you receive?
My company needs to step up their game. We had some training and a test more than a year ago and that's the only time ever, minus an occasional warning after half a dozen people click a malicious link in one attack. It's shockingly, head-shakingly easy to get people to click malicious links/attachments.
 
Reply
  • Like
Likes   Reactions: berkeman
  • #14
I now get 6-8 pretty realistic phishing e-mails a month, but fortunately our company e-mail system reminds us when e-mails orginate from outside our company (even if the source e-mail looks valid).

In my previous company, they added a few extra characters onto our e-mail addresses to make phishing e-mails pretty much non-existent.
 
Reply
  • Like
Likes   Reactions: russ_watters
  • #15
bob012345 said:
links gangs to Russian Intelligence service
  • That someone is guilty of other bad things doesn't mean they are guilty of this bad thing.
  • "Links" is a nebulous word - that's why I used the term "sponsor".
  • If a foreign power's position is "Give us money or we will damage your infrastructure and kill your people" they shouldn't be surprised if their intended victim takes steps that indicate this position is...um...imprudent.
 
Reply
  • Like
Likes   Reactions: gmax137, BillTre and russ_watters
  • #16
berkeman said:
How many mandatory annual trainings have you gone through in this? How many phishing e-mails per month do you receive?
I'm not on any company network, just a lone, private computer which is a Mac. I also get email on an iPad. I try to be very careful not to just click on unsolicited links in emails. Only once in a great while do I get a message that looks suspicious. I also try not to forward emails with unknown links to others, usually only links I generated or otherwise trust. But still, I could be fooled by professional criminals.
 
Reply
  • Like
Likes   Reactions: BillTre
  • #17
bob012345 said:
But still, I could be fooled by professional criminals.
While I'm sure it's possible, most of the time they don't put forth such effort, they just saturation bomb an easy/mediocre attack and pick off the weaker ones in the flock. Most pfishing attacks (including the major one we just had) can be thwarted simply by hovering your cursor over the link and reading the URL. But it only has to defeat a fraction of a percent of users to succeed.
 
Reply
  • Like
Likes   Reactions: BillTre, bob012345 and Astronuc
  • #18
When I was working, we would periodically get emails asking us to do this or that, secretly sent by the IT security guys. These were tests, to see if we would click, ignore, or report. The one I remember said "You have won a free pizza from [popular pizza joint down the street]!! click to get your coupon!" The email looked like a poster from the pizza place, very convincing reproduction of their logo and advertising slogans. I nearly fell for that one.
 
Reply
  • Like
  • Wow
Likes   Reactions: russ_watters and BillTre
  • #19
As of yesterday, Dallas' chief IT official refuses to rule out paying a ransom and says "all options are on the table". He said that there were no signs that banking data had been breached but told customers to "watch for any suspicious activity". I called my bank. They were unaware there was an attack. In the last attack on Dallas the city hired a third party to negotiate the ransom because Royal had encrypted the city tax database and the city had no paper or physical backup. This is why I opt for paper bank statements.
 

Similar threads

Current and Future AI Threats to Humanity and the Human Response
  • · Replies 10 ·
Replies
10
Views
5K
News Bush Honest & Trustworthy Until How Many Lies?
  • · Replies 65 ·
3
Replies
65
Views
11K