- The State of Nevada says it suffered "network security incident"
- While not officially described as a cyberattack, it certainly resembles a ransomware attack
- There is no evidence of stolen files yet
Offices, websites, and phone lines of the state government of Nevada were all made unavailable and taken offline following an apparent cyberattack.
The official X account of the Governor Lombardo Press Office posted an announcement saying the State of Nevada “identified a network security incident”.
At the moment this article was written, the website was still offline, displaying a single message, saying “The requested URL was rejected. Please consult with your administrator.”
Was this a ransomware attack?
“As the State continues its recovery efforts, the network security incident continues to impact the availability of certain state technology systems on the state network,” the announcement adds. “Some state websites or phone lines may be slow or briefly unavailable during recovery.”
The way the announcement is worded does not suggest this was a cyberattack, however with multiple services offline, an ongoing investigation, and the state looking to restore the services one by one, it all bears the markings of a ransomware attack.
Ransomware attacks also usually include data theft, with criminals exfiltrating sensitive files to be used as leverage in case the victim can restore their services via backups.
In this case, however, Nevada says there is currently no evidence that any personally identifiable information (PII) was compromised.
At press time, no threat actors assumed responsibility for the attack, but ransomware against US state and local governments has historically been carried out by financially motivated criminal groups rather than state-sponsored actors.
Some of the better-known ransomware gangs that have targeted US government entities include LockBit, BlackCat/ALPHV, Cl0p, Royal, and Vice Society.
According to a Reuters report, the Cybersecurity and Infrastructure Security Agency also issued a statement, claiming it was "actively tracking this network security incident and together with our partners, we are collaborating with the State of Nevada to offer our assistance."
You might also like
- US becomes ransomware capital of the world as attacks rise by almost 150 percent
- Take a look at our guide to the best authenticator app
- We've rounded up the best password managers
