Nevada remains two days into a cyberattack that began early Sunday, disrupting government websites, phone systems, and online platforms, and forcing all state offices to close on Monday.
The impact of the attack was first felt on Sunday morning, with the Governor’s Technology Office stating that a ‘network issue’ began around 1:52 AM PT, affecting the state’s IT systems.
The Governor’s Technology Office warned that websites, online services, and phone lines could be slow or unavailable as teams worked to restore service.
“Our teams are actively working to restore normal service,” the agency said.
While the agency continued to post updates about the recovery process, Governor Lombardo ultimately announced the closing of all state office locations on Monday.
Later that afternoon, the Governor’s office confirmed in a press statement to BleepingComputer that the State of Nevada suffered a cybersecurity incident.
“On early Sunday morning, the State of Nevada identified a network security incident and immediately engaged in 24/7 recovery efforts. The matter is under active investigation,” reads a statement posted on X and shared with the press.
“As the State continues its recovery efforts, the network security incident continues to impact the availability of certain state technology systems on the state network. Some state websites or phone lines may be slow or briefly unavailable during recovery.”
“The State is focused on restoring services safely and validating systems before returning them to normal operation.”
Although the websites and online services are unavailable, 911 and emergency services remain unaffected by the attack.
The state has not responded to BleepingComputer’s question about whether ransomware is involved. However, prolonged disruptions like this are often associated with such attacks, where IT systems are taken offline to contain the impact.
The state has also stated that there is no evidence to suggest that personally identifiable information has been stolen at this time. However, if it were a ransomware attack, then even if security defenses prevented the encryption of devices, the threat actors likely had extended access to the network to steal data.
Cyberattacks on government agencies often cause significant disruption but rarely lead to ransom payments, ultimately backfiring on attackers by leaving them empty-handed and under greater law enforcement pressure.
The Nevada government is now working with local, tribal, and federal agencies to investigate and respond to the attack.
The Governor’s office is warning residents to be cautious of unsolicited calls or emails asking for sensitive information.
46% of environments had passwords cracked, nearly doubling from 25% last year.
Get the Picus Blue Report 2025 now for a comprehensive look at more findings on prevention, detection, and data exfiltration trends.
Source link
