Nevada stays two days right into a cyberattack that started early Sunday, disrupting authorities web sites, cellphone techniques, and on-line platforms, and forcing all state places of work to shut on Monday.
The affect of the assault was first felt on Sunday morning, with the Governor’s Know-how Workplace stating {that a} ‘community concern’ started round 1:52 AM PT, affecting the state’s IT techniques.
The Governor’s Know-how Workplace warned that web sites, on-line companies, and cellphone strains could possibly be sluggish or unavailable as groups labored to revive service.
“Our groups are actively working to revive regular service,” the company mentioned.
Whereas the company continued to publish updates in regards to the restoration course of, Governor Lombardo finally introduced the closing of all state workplace places on Monday.
Later that afternoon, the Governor’s workplace confirmed in a press assertion to BleepingComputer that the State of Nevada suffered a cybersecurity incident.
“On early Sunday morning, the State of Nevada recognized a community safety incident and instantly engaged in 24/7 restoration efforts. The matter is underneath energetic investigation,” reads an announcement posted on X and shared with the press.
“Because the State continues its restoration efforts, the community safety incident continues to affect the provision of sure state expertise techniques on the state community. Some state web sites or cellphone strains could also be sluggish or briefly unavailable throughout restoration.”
“The State is concentrated on restoring companies safely and validating techniques earlier than returning them to regular operation.”
Though the web sites and on-line companies are unavailable, 911 and emergency companies stay unaffected by the assault.
The state has not responded to BleepingComputer’s query about whether or not ransomware is concerned. Nonetheless, extended disruptions like this are sometimes related to such assaults, the place IT techniques are taken offline to include the affect.
The state has additionally acknowledged that there isn’t any proof to recommend that personally identifiable info has been stolen right now. Nonetheless, if it have been a ransomware assault, then even when safety defenses prevented the encryption of gadgets, the risk actors doubtless had prolonged entry to the community to steal information.
Cyberattacks on authorities businesses usually trigger important disruption however hardly ever result in ransom funds, finally backfiring on attackers by leaving them empty-handed and underneath higher regulation enforcement strain.
The Nevada authorities is now working with native, tribal, and federal businesses to research and reply to the assault.
The Governor’s workplace is warning residents to be cautious of unsolicited calls or emails asking for delicate info.
46% of environments had passwords cracked, almost doubling from 25% final yr.
Get the Picus Blue Report 2025 now for a complete have a look at extra findings on prevention, detection, and information exfiltration tendencies.
