The Nevada state government is reeling from a ransomware attack that has disrupted nearly all state functions and compromised an undisclosed amount of personal information.
Governor Joe Lombardo revealed that government offices were closed and online services taken offline to prevent further intrusion in the wake of the network security incident. State Chief Information Officer Tim Gallluzi later confirmed that the attack involved ransomware.
Several state services have been brought to a standstill, including the closure of numerous offices like the DMV. The attack has also impacted the state’s ability to pay contractors and vendors. A local TV station reported receiving an email indicating that the Aging and Disability Services Division told vendors that no “state payment systems are working.” Businesses whose clients use Medicaid are also experiencing payment delays.
Little Information Shared
State officials did not share whether a ransom was demanded or why the state was targeted. Nevada law prevents the disclosure of technical details of the attack, as doing so could threaten public safety.
Officials also did not have a timeline for restoring state services. In his latest update, Galluzi acknowledged residents’ frustration over being unable to access these services, noting that restoring the systems is a “meticulous process.”
As a result, the governor’s office warned Nevadans to be cautious of unsolicited calls, emails, or texts requesting financial payments, which could stem from information stolen in the attack. “The State will not ask for your password or bank details by phone or email,” the memo said. “As official state websites return online, verify information.”
Governments Are a Target
Ransomware attacks on local governments have become all too common. The city of Columbus fell victim to a massive ransomware attack a year ago, prompting Ohio to require every government agency to implement a cybersecurity program. Other ransomware attacks have temporarily shuttered services in St. Paul, Minnesota, and Fulton County, Georgia.
“Smaller municipalities and utilities are common targets for ransomware attacks, which more often than not are traced back to a phishing attack that targeted an employee,” said Tracy Goldberg, Director of Cybersecurity at Javelin Strategy & Research. “DNS blocking and anti-phishing education are critical first steps, but so is dark web threat intel. As ransomware become more prevalent, entities of all sizes will have to turn to organizations that specialize in threat intel to help them better identify risks associated with specific types of malware strains and infostealers, and the threat actors behind them.”
