The State of Nevada is currently in the midst of a significant cyberattack that has crippled its digital infrastructure and disrupted essential government services. The incident began early Sunday morning, with the Governor’s Technology Office initially reporting a “network issue” around 1:52 AM PT. This disruption quickly escalated, affecting state websites, online platforms, and phone systems, and forcing Governor Lombardo to announce the closure of all state offices on Monday. The attack has brought many public-facing operations to a standstill, impacting everything from DMV services and food assistance applications to access to law enforcement databases.
The nature of the attack, while not officially confirmed as ransomware by state officials, bears the hallmarks of such a breach.
The prolonged downtime and the necessity of taking systems offline to contain the threat are often tactics used in ransomware attacks. Furthermore, on Wednesday, officials revealed that their investigation found evidence that “malicious actors” had moved “some data” outside of the state’s network. While the specific nature of this exfiltrated data has not been identified, this new information raises concerns about the potential compromise of sensitive information, a common element of sophisticated ransomware-based attacks, even if no ransom is paid.
In response to the attack, the state has launched a robust recovery effort, working closely with local, tribal, and federal agencies, including the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI). CISA’s involvement highlights the severity of the incident, as their teams are assisting in restoring critical services and hunting for threats within the state’s network. Officials have stated that bringing systems back online is a “meticulous process” to ensure the threat is fully eradicated before reconnection, underscoring the priority of security over speed.
The impact of the cyberattack has been felt across the state.
The Department of Motor Vehicles (DMV), a key public service, remains closed, with officials asking law enforcement for leniency for individuals with expiring licenses and registrations. The Department of Human Services has also seen delays in processing new applications for programs like SNAP, although they are trying to prevent any interruption in the delivery of vital social services. The disruption serves as a stark reminder of the vulnerability of state and local governments to cyber threats, which have become a growing trend in recent years.
As the investigation and recovery efforts continue, the Nevada government is taking steps to protect its citizens. The Governor’s office has issued a warning to residents to be cautious of unsolicited calls or emails requesting sensitive information, such as passwords or bank details, as these are often scams designed to take advantage of the chaos created by the attack. While the full scope of the breach and its long-term consequences are still being assessed, the unified response from various agencies and the focus on a secure restoration are critical steps toward mitigating the damage and restoring public services.
Reference:
