Tag Archive for: approves

Dallas City Council approves $8.6 million in payments for ransomware attack response

/in


The Dallas City Council on Wednesday approved nearly $8.6 million in payments for services related to the ransomware attack earlier this year, including credit monitoring for potential identity theft victims.

The council asked no questions about the payments before unanimously approving the agenda item. The names of the vendors receiving the money, how much each vendor is getting, and what specific services were provided were not laid out in any publicly available documents. A list of what the money is being set aside for was provided to The Dallas Morning News by Deputy City Manager Jon Fortune after the council meeting.

Fortune told the council during the meeting that the city mailed about 27,000 letters starting last week notifying mostly current and former employees, such as retirees, that their data was exposed and that the city is offering credit monitoring because of it.

The $8.6 million is coming from two different city reserve funds to pay invoices to vendors for new hardware, software, consultants, monitoring and other professional services described as emergency purchases made because of the cyberattack, according to city documents.

Politics

Political Points

Get the latest politics news from North Texas and beyond.

According to the city, the money is going toward:

– New storage devices, servers, laptops, desktop computers and mobile dispatch computers for police and fire vehicles to replace ones that were compromised or damaged in the ransomware attack.

– Temporary staff who aided in the city’s recovery efforts.

– Credit monitoring services, identity protection, call center and notification support.

– Forensic accounting.

– Recovery and restoration services for city applications and systems.

– Installation for new hardware and equipment.

– New and additional software licenses to enhance the city’s cybersecurity, response and recovery efforts.

The city is planning to file insurance claims and put any reimbursement received into its general fund contingency reserve, which is 65% of the funding source for these invoice payments. The rest is from the city’s liability reserve fund.

The payment approval comes three months after the city announced being hit with a ransomware attack on May 3.

It…

Source…

Hayward approves emergency proclamation to respond to ransomware attack

/in


There was a special meeting to respond to a ransomware attack on the city of Hayward’s computers and networks. They say no personal data was compromised but online payments for services such as water and building permits are still unavailable. City manager says there is no disruption to emergency services. An expert shares insight into how attackers operate and why cities who’ve been hacked may learn from the experience..

Source…

After ransomware attack, Dallas City Council approves ‘threat and anomaly detection system’

/in


Almost two months after a ransomware attack disrupted City of Dallas online services, council members voted to approve a multi-million-dollar contract for upgraded cybersecurity software.

Council members approved the $3.9 million measure without comment. The agreement between the city and Texas based IT consulting group Netsync, was tucked away in the council’s lengthy consent agenda.

The contract authorizes the city manager to pay Netsync immediately after council approval. Council members also discussed the ongoing ransomware attack that started in early May, among other issues, in executive session during Wednesday’s meeting.

There was no public discussion of the agreement during Wednesday’s meeting, but according to the approved item, the funds are for support of a threat and anomaly detection system for” the city’s IT department.

On May 3, the city was hit by the hacker group Royal, which impacted a number of city systems. Those included the Dallas Police Department, Dallas Fire Rescue, 911 and 311 — the city’s nonemergency service.

Other city services brought down as a result of the attack were the Dallas Water Utilities department, the municipal court building and the public library system. For the duration of the attack — which the city is still recovering from — officials maintained that there was “no indication that customer information…has been leaked from City systems.”

The assurances came after the hacker group posted a message on their blog threatening the release of “tons of personal information of employees (phones, addresses, credit cards, SSNs, passports)…” the post said.

The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency released a warning about the Royal hacker group in early March.

Got a tip? Email Nathan Collins at [email protected]. You can follow Nathan on Twitter @nathannotforyou.

KERA News is made possible through the generosity of our members. If you find this reporting valuable, consider making a tax-deductible gift today. Thank you.

Source…

Spanish Court Approves Twitter Hacking Suspect’s Extradition

/in


British Man Also Charged With Nude Photo Extortion, Swatting, Cryptocurrency Theft

Mathew J. Schwartz (euroinfosec) •
February 20, 2023    

Spanish Court Approves Twitter Hacking Suspect's Extradition
Image: Shutterstock

Spain’s high court approved the U.S. Department of Justice’s request that a British man be extradited to face charges that he hacked Twitter in 2020 to perpetrate a cryptocurrency scam.

See Also: Live Webinar | Navigating the Difficulties of Patching OT


On Friday, Spain’s Audiencia Nacional decided the U.S. request to extradite Joseph James O’Connor, 23, satisfies the country’s extradition rules.


The Spanish government must now approve O’Connor’s extradition. He can appeal the decision.


Authorities arrested O’Connor, aka “PlugwalkJoe,” in southern Spain’s Costa del Sol in July 2021, at U.S. request. He faces 14 charges including allegations that he helped seize control of 130 Twitter accounts, including ones used by Joseph Biden, Barack Obama, Bill Gates and Elon Musk; extorted individuals via social networking; and perpetrated internet-facilitated robberies.


O’Connor sought to have the extradition request dismissed by arguing that his case should be tried in Spain, where the servers used to perpetuate his alleged crimes are located. He also contended Spain would be a better venue because computer crime offenses in the United States incur disproportionate sentences.


In its decision published Friday, National High Court judges disagreed on both fronts.


The court said the Justice Department’s documentation of crimes allegedly committed by O’Connor was voluminous and detailed. Because no criminal charges have been filed against the suspect in Spain, “the United States is in a better position to prosecute the facts since the evidence obtained in the investigation is found there and because it is the place where the damage has been caused,” they wrote.


About the question of potentially disproportionate U.S. sentencing guidelines for computer crimes, the court said it is not within its purview to review…

Source…