KILLEEN, Texas (KXXV) — The City of Killeen recently faced a significant cyberattack, a complete shutdown of all city system on August 7, after enduring over 100 email phishing attempts reported between July 13 and 30.
Willie Resto, head of the City of Killeen's IT department, detailed the timeline of the attack, which began on the afternoon of July 30 when the city first confirmed that attackers had accessed city servers.
A post-incident report revealed that the attackers used a VPN to gain access that night.
In the following two days, Resto discovered evidence that the attackers were staging encrypted and zip files on the city servers.
The first disruption to online services occurred on August 7 — prompting city officials to report the attack to the FBI and the Texas Department of Safety.
By the next day, all systems were back in order just three hours after local media outlets were alerted.
Resto credited his team’s swift action and recovery process for saving the city from weeks of chaos.
Despite the attack, Resto was unable to divulge all findings in his report due to Governance Code 259.05.
However, he did outline the initial entry point for the attackers and identified areas for post-incident improvement for his team.
Resto confirmed that no ransom was paid to the hackers, with only costs being for a third-party incident report review.
